The Blog

Hash the passwords!

published December 15, 2009

Great, my washing machine broke down after only 9 months of usage. I remembered that it should still have a valid guarantee. Since I bought it online, I figured the receipt was probably still available. So, I tried to log in to the online shop where the purchase was made, but could not remember my password for this site. “Luckily” the site had a “forgot your password” feature. After providing my email address, the password was sent to me in plain text. This means that everybody’s passwords are stored in the database in plain text without a one-way hash. Now, if you are working with any user data, please hash passwords and use a salt. This is such basic stuff that it makes me angry even to write about it. The “forgot your password” feature must be implemented as a “reset your password”. Goddammit.

Samuli @ 21:57 (No Comments)
