Nemeski@lemm.ee to Technology@lemmy.worldEnglish · 23 hours agoMeta fined $102 million for storing passwords in plain textwww.engadget.comexternal-linkmessage-square86fedilinkarrow-up11.01Karrow-down14
arrow-up11Karrow-down1external-linkMeta fined $102 million for storing passwords in plain textwww.engadget.comNemeski@lemm.ee to Technology@lemmy.worldEnglish · 23 hours agomessage-square86fedilink
minus-squareBlackmist@feddit.uklinkfedilinkEnglisharrow-up33·18 hours agoI remember my bank used to ask me for the 2nd, 5th and 7th letters of my password from time to time. There’s only one realistic way they can know those to ask me. They haven’t asked me that for a while now, so I can only hope they encrypted them properly at some point.
minus-squareandrew_bidlaw@sh.itjust.workslinkfedilinkEnglisharrow-up12·18 hours agoAnd you can imagine someone thinking it’s super clever and secure.
minus-square3x7x37@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up6·16 hours ago I can only hope they encrypted them properly at some point Encryption is reversible, hashing isn’t. That’s why you use the latter for passwords.
minus-squaresilentdon@lemmy.worldlinkfedilinkEnglisharrow-up9·17 hours agoI once called my bank because I had trouble logging in. They didn’t outright say it but they implied that they could see my password and asked if I wanted to update it by telling them the new one. I said no.
I remember my bank used to ask me for the 2nd, 5th and 7th letters of my password from time to time.
There’s only one realistic way they can know those to ask me.
They haven’t asked me that for a while now, so I can only hope they encrypted them properly at some point.
And you can imagine someone thinking it’s super clever and secure.
Encryption is reversible, hashing isn’t. That’s why you use the latter for passwords.
I once called my bank because I had trouble logging in. They didn’t outright say it but they implied that they could see my password and asked if I wanted to update it by telling them the new one. I said no.