RCU Forums

RCU Forums (https://www.rcuniverse.com/forum/)
-   Suggestions (https://www.rcuniverse.com/forum/suggestions-47/)
-   -   Suggestion: Do Not Store Plaintext Passwords (https://www.rcuniverse.com/forum/suggestions-47/10511376-suggestion-do-not-store-plaintext-passwords.html)

omnitographer 05-09-2011 09:28 PM
Suggestion: Do Not Store Plaintext Passwords
 
I'm an ITguy and I thought Ishould mention it's probably not a good thing to store user's passwords unencrypted, as in the event of some sort of security breach, it could compromise member's email accounts (lots of folks use the same password on every website). This is basically what happened to Sony, and they got a lot of flack for it. You might not think anyone would try to bother getting into this site, but let me ask ya, would you rather attack google's secured email servers, or some rc hobbyist website running 4 year old software? Idon't do security stuff, but Iknow when good security practices aren't being followed, and it's probably not something you guys thought about since you're more into the RCscene than IT/IS, but you really might want to consider hiring on a consultant or something to fix this. Hope this helps!

atriot 12-19-2017 06:59 AM
Plain Text Passwords
 
Hello, seems you're storing your passwords in plain text, which is something you should absolutely not do.


All times are GMT -8. The time now is 07:24 AM.


Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.