On Thu, Apr 28, 2011 at 11:32 AM, Matthew Walker <[email protected]> wrote: > On Thu, April 28, 2011 11:24 am, Nicholas Leippe wrote: >> One of my accounts a while back changed their password method--they >> emailed me saying that to "increase security" they had stripped all >> non-alphanumerics out of my password! That is disturbing on many >> levels. > > Ouch. The most disturbing part for me is that it meant they weren't storing a > hash, but > the actual password itself.
Yep. /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
