7/23/2023
Plenty of fish login password

Hash based challenge-response authentication does require the server to know the plain password. This sort of authentication is useful when you don't trust your transport mechanism (i.e. logging in over HTTP) but do trust the server's security. There are other ways to achieve this though. You could use DH or a similar key exchange method to decide a secret key (DH can do this without letting eavesdroppers know the key) to encode the password with for transport. You are then avoiding both plain transport and plain storage, where hashed storage on its own requires plain transport (unless the transport mechanism is separately encrypted, by SSL/TLS in the case of HTTPS) and hashed challenge/response requires plain storage. Securing the transport (by using HTTPS with a certificate signed by a generally trusted body, rather than HTTP or HTTPS with a self-signed cert) is the better option for a web based application though. Of course, a site like PoF is not going to use any of the above. As has been identified (and, assuming statements in other comments here are true, admitted), convenience and laziness on the part of the programmer are far more important to them than DoingThingsRight(tm). The seemingly apparent advantage of storing passwords in plain text is that it can be emailed to the user, as the article points out (helps with user retention). This is a bad decision, and similar goals can be achieved with better means; the reason it is bad is that the password is then reversible, and hence hackable, and also the password could be sent in plain text across unencrypted protocols. A much better way to get users back to your site who may have forgotten their password is to have links back to your site that contain special purpose unique tokens that authenticate the user into a minimal state of 'logged in' - a state that allows the user to feel logged in, e.g.
My opinion? PoF stores passwords in plain text because it is an unprofessional outfit with no care for the security of its users or their data. There is no valid reason for storing plain text passwords. Every time someone says "but we want it because we need to X" there is a better way to achieve X (or Y, where Y has the same effect as X in the end) that does not require plain text password storage (but may require a little extra coding+testing). If anyone says that the "but may require a little extra coding+testing" constitutes a valid reason, then they should not be trusted with any of your data. It is like leaving the office door unlocked because you couldn't be bothered to fish your keys out of your pocket and find the right key. It is an excuse (a pathetic excuse) for plain text passwords, but it is not a valid/good/acceptable reason. Of course there are probably a great many sites that are unprofessionally constructed (in the auth credentials storage area at least) and you may never know until something goes wrong, so for safety you should not use the same password for multiple sites (KeePass and similar utilities make keeping track of multiple passwords easy enough); then at least if one site is hacked the perp only gets access to that one site as you rather than potentially many sites.
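The post contrasts three things: plain-text storage (so the password can be e-mailed back), one-way hashed storage, and hash-based challenge/response, which forces the server to keep the shared secret. The following is an added example, not code from the original post or from PoF, that puts those pieces side by side: a salted PBKDF2 password store that retains nothing reversible, a "forgot password" login-link issuer that stores only the hash of a random single-use expiring token (the minimal 'logged in' state the post describes is left to the caller), and an HMAC challenge/response pair whose server side must hold the secret itself. The iteration count, the 15-minute token lifetime and all class and function names are assumptions made for this demo.

```python
"""Added example (not from the original post): the alternatives to
plain-text password storage that the post argues for, plus the
challenge/response case that genuinely needs the server to hold the secret.
"""
import hashlib
import hmac
import secrets
import time

PBKDF2_ITERATIONS = 210_000   # assumed value for this demo, not from the post
TOKEN_TTL_SECONDS = 15 * 60   # assumed: a login link stays valid for 15 minutes


class PasswordStore:
    """Salted, iterated hashing: the plain password is never retained, so
    there is nothing to e-mail back and nothing reversible to leak."""

    def __init__(self):
        self._records = {}  # username -> (salt, pbkdf2 digest)

    def set_password(self, username, password):
        salt = secrets.token_bytes(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                                     PBKDF2_ITERATIONS)
        self._records[username] = (salt, digest)

    def verify(self, username, password):
        rec = self._records.get(username)
        if rec is None:
            return False
        salt, digest = rec
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                                        PBKDF2_ITERATIONS)
        return hmac.compare_digest(candidate, digest)  # constant-time compare


class LoginLinkIssuer:
    """'Forgot password' links built from special-purpose unique tokens.
    The token is random, single-use and expiring, and only sha256(token)
    is stored, so a leaked table yields no usable link."""

    def __init__(self, now=time.time):
        self._now = now       # injectable clock so expiry can be tested offline
        self._pending = {}    # sha256(token) -> (username, expires_at)

    def issue(self, username):
        token = secrets.token_urlsafe(32)
        key = hashlib.sha256(token.encode()).digest()
        self._pending[key] = (username, self._now() + TOKEN_TTL_SECONDS)
        return token  # this is what goes into the e-mailed URL

    def redeem(self, token):
        key = hashlib.sha256(token.encode()).digest()
        entry = self._pending.pop(key, None)  # pop: a token works at most once
        if entry is None:
            return None
        username, expires_at = entry
        if self._now() > expires_at:
            return None
        return username  # caller now grants the minimal 'logged in' session


def client_challenge_response(shared_secret, challenge):
    """Client side of HMAC challenge/response: proves knowledge of the
    secret without ever sending it over the (possibly plain) transport."""
    return hmac.new(shared_secret, challenge, "sha256").digest()


def server_verify_challenge(shared_secret, challenge, response):
    """Server side: it can only check the response by recomputing it, which
    is why this scheme forces the server to hold the shared secret itself
    rather than a one-way hash of it."""
    expected = hmac.new(shared_secret, challenge, "sha256").digest()
    return hmac.compare_digest(expected, response)
```

Issuing a link is `LoginLinkIssuer().issue("alice")`; the returned token goes into the URL, and `redeem(token)` returns the username exactly once and only before expiry. Note that `PasswordStore` and `LoginLinkIssuer` both survive a database leak without exposing a credential, whereas `server_verify_challenge` cannot be made to work against `PasswordStore`'s records, which is the trade-off the post describes.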