Nemeski@lemm.ee to Technology@lemmy.worldEnglish · 1 day agoMeta fined $102 million for storing passwords in plain textwww.engadget.comexternal-linkmessage-square98fedilinkarrow-up11.08Karrow-down14
arrow-up11.07Karrow-down1external-linkMeta fined $102 million for storing passwords in plain textwww.engadget.comNemeski@lemm.ee to Technology@lemmy.worldEnglish · 1 day agomessage-square98fedilink
minus-squareBlackmist@feddit.uklinkfedilinkEnglisharrow-up35·1 day agoI remember my bank used to ask me for the 2nd, 5th and 7th letters of my password from time to time. There’s only one realistic way they can know those to ask me. They haven’t asked me that for a while now, so I can only hope they encrypted them properly at some point.
minus-squareandrew_bidlaw@sh.itjust.workslinkfedilinkEnglisharrow-up12·1 day agoAnd you can imagine someone thinking it’s super clever and secure.
minus-square3x7x37@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up7·1 day ago I can only hope they encrypted them properly at some point Encryption is reversible, hashing isn’t. That’s why you use the latter for passwords.
minus-squaresilentdon@lemmy.worldlinkfedilinkEnglisharrow-up9·1 day agoI once called my bank because I had trouble logging in. They didn’t outright say it but they implied that they could see my password and asked if I wanted to update it by telling them the new one. I said no.
I remember my bank used to ask me for the 2nd, 5th and 7th letters of my password from time to time.
There’s only one realistic way they can know those to ask me.
They haven’t asked me that for a while now, so I can only hope they encrypted them properly at some point.
And you can imagine someone thinking it’s super clever and secure.
Encryption is reversible, hashing isn’t. That’s why you use the latter for passwords.
I once called my bank because I had trouble logging in. They didn’t outright say it but they implied that they could see my password and asked if I wanted to update it by telling them the new one. I said no.