[clug] OT: Passwords to verify identity
carlo.hamalainen at gmail.com
Wed May 15 22:08:00 MDT 2013
On Thu, May 16, 2013 at 1:40 PM, Andrew Steele <fozzy at zipworld.org> wrote:
> Turns out their passwords are all stored in plain text so they can use them
> to verify identity. I've suggested this is a bit of a security weakness
> and I was told it wasn't.
I hope you use something like KeePassX to generate long passwords.
> I can accept an organisation's need to verify my identity, but do people
> think this is an appropriate way to implement it?
Submit them to Plain Text Offenders: http://plaintextoffenders.com/about/
More information about the linux