Osterberg
*Cc:* Thor (Hammer of God); Mario Vilas; Romain Bourdy;
full-disclosure; Inc leartext
*Subject:* Re: [Full-disclosure] password.incleartext.com
Tbh, I'd be unhappy about any company storing a password in anything
other than a hash of itself. But, like many things in life, we have
Sent by: full-disclosure-boun...@lists.grok.org.uk
01.04.2011 13:14
To
full-disclosure@lists.grok.org.uk
cc
Subject
[Full-disclosure] password.incleartext.com
Hi FD,
Just launched a new website to keep a list of websites storing
passwords in clear text, so far
To
full-disclosure@lists.grok.org.uk
cc
Subject
[Full-disclosure] password.incleartext.com
Hi FD,
Just launched a new website to keep a list of websites storing
passwords in clear text, so far the database is small but feel free
to add some:
http
...@lists.grok.org.uk]
On Behalf Of Mario
Vilas Sent: Wednesday, April 06, 2011 9:05 AM To: Romain Bourdy
Cc: full-disclosure; Inc leartext
Subject: Re: [Full-disclosure] password.incleartext.com
Actually, if they can get the data back (be it because it's stored in
plaintext or in obfuscated
On Wed, 06 Apr 2011 18:10:29 BST, Cal Leeming said:
People should be using a different password for every external service
anyway, so technically this shouldn't even matter ;)
You're new here, aren't you? :)
pgpt9sj2oQD91.pgp
Description: PGP signature
People ***should*** be using
so ***technically*** this shouldn't even matter
I was taking the piss lol.
On Thu, Apr 7, 2011 at 3:59 PM, valdis.kletni...@vt.edu wrote:
On Wed, 06 Apr 2011 18:10:29 BST, Cal Leeming said:
People should be using a different password for every external service
-disclosure] password.incleartext.com
Hi FD,
Just launched a new website to keep a list of websites storing
passwords in clear text, so far the database is small but feel free
to add some:
http://password.incleartext.com/
Cheers,
Inc
To
full-disclosure@lists.grok.org.uk
cc
Subject
[Full-disclosure] password.incleartext.com
Hi FD,
Just launched a new website to keep a list of websites storing
passwords in clear text, so far the database is small but feel free
to add some:
http
-disclosure@lists.grok.org.uk
cc
Subject
[Full-disclosure] password.incleartext.com
Hi FD,
Just launched a new website to keep a list of websites storing
passwords in clear text, so far the database is small but feel free
to add some:
http://password.incleartext.com
: Wednesday, April 06, 2011 9:05 AM To: Romain Bourdy
Cc: full-disclosure; Inc leartext
Subject: Re: [Full-disclosure] password.incleartext.com
Actually, if they can get the data back (be it because it's stored in
plaintext or in obfuscated plaintext) then it's not secure. Obfuscation
doesn't make
I sent this only to Romain,
Some other posters wanted to know the other scenarios.
-Travis
-- Forwarded message --
From: T Biehn tbi...@gmail.com
Date: Wed, Apr 6, 2011 at 10:33 AM
Subject: Re: [Full-disclosure] password.incleartext.com
To: Romain Bourdy achil...@gmail.com
by: full-disclosure-boun...@lists.grok.org.uk
01.04.2011 13:14
To
full-disclosure@lists.grok.org.uk
cc
Subject
[Full-disclosure] password.incleartext.com
Hi FD,
Just launched a new website to keep a list of websites storing
passwords in clear text, so far the database
On Wed, 06 Apr 2011 22:38:56 +0200, Romain Bourdy said:
So let's say I store password using PGP for *recovery*, encrypted with my
own keys as sender and recipient , I can recover plaintext passwords
whenever I want to, but is it unsecure ?
At that point, the security is exactly equal to the
From: Cal Leeming [mailto:c...@foxwhisper.co.uk]
Sent: Wednesday, April 06, 2011 11:58 AM
To: Peter Osterberg
Cc: Thor (Hammer of God); Mario Vilas; Romain Bourdy; full-disclosure; Inc
leartext
Subject: Re: [Full-disclosure] password.incleartext.com
Tbh, I'd be unhappy about any company storing
Hi FD,
Just launched a new website to keep a list of websites storing passwords in
clear text, so far the database is small but feel free to add some:
http://password.incleartext.com/
Cheers,
Inc Leartext
___
Full-Disclosure - We believe in it.
15 matches
Mail list logo
