Hello - It's been happening for a while, but it's really (really) time to end storing clear text passwords in the database. It's *LONG* past time to send them in email to your users.
If you'd like proof, go to http://plaintextoffenders.com/submit And http://krebsonsecurity.com/2012/06/naming-and-shaming-the-plaintext-offenders/ Of all places, Fedora and Red Hat should be leading this charge. Thanks for listening, Perry Engle Lead Cyber Security Engineer, Section Leader The MITRE Corporation, Department G026 (o) 781-271-2349 (m) 617-893-0058
-- websites mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/websites
