UK Government Reveals Personal Info During Consultation

Status
Not open for further replies.
G

Guest

Guest
it should be illegal for any company to save unencrypted passwords anywhere
 

goatsetung

Distinguished
Jan 28, 2010
47
0
18,530
Privacy and freedom should be illegal. Think of the children! And the terrorists!

Now bend over and "Respect My Authoritah!"
 
G

Guest

Guest
"we'll implant a device that reads thoughts into your head and replace one of your eyes with a camera that shows us everything you do, but that's because your safety is important to us"... how come they seem perfectly capable of that?
 

freggo

Distinguished
Nov 22, 2008
2,019
0
19,780
[citation][nom]crazypcman[/nom]it should be illegal for any company to save unencrypted passwords anywhere[/citation]
Don't be naive; there are easier ways to get passwords than hack an encrypted or even unencrypted database.
The problem is that most people use ONE password for everything they do. That means once I have your 'yahoo' password (for example) I can access your bank, facebook and anything else.
Add to that the shady methods of Registrars like 1&1.com and you can do some fun stuff 'underground' !

 

QEFX

Distinguished
Jun 12, 2007
258
0
18,790
[citation][nom]freggo[/nom]Don't be naive; there are easier ways to get passwords than hack an encrypted or even unencrypted database.The problem is that most people use ONE password for everything they do. That means once I have your 'yahoo' password (for example) I can access your bank, facebook and anything else.Add to that the shady methods of Registrars like 1&1.com and you can do some fun stuff 'underground' ![/citation]

Don't forget people who have stupid passwords such as "password" or "123456". Oh and short, easier to crack, passwords like "bob" or "9876". Even simple word passwords like "financial" or "dangerous". Basically the problem is human nature and laziness (you can add stupidity if you want). Until you get humans out of the security equation, you'll never be truly secure.
 

A Bad Day

Distinguished
Nov 25, 2011
2,256
0
19,790
[citation][nom]freggo[/nom]Don't be naive; there are easier ways to get passwords than hack an encrypted or even unencrypted database.The problem is that most people use ONE password for everything they do. That means once I have your 'yahoo' password (for example) I can access your bank, facebook and anything else.Add to that the shady methods of Registrars like 1&1.com and you can do some fun stuff 'underground' ![/citation]

I'd rather have a security problem at the user rather than at the service. What if I use a 32-word password that is nearly impossible to crack, and it gets cracked anyways because it was in a unencrypted format?

Which online service would you want to use? The one that forces most hackers to use social engineering or other methods to get around the hashes, salting, and other fun stuff? Or the one that requires simple or no tools to break into?
 
Status
Not open for further replies.