28
osmarks
8y

Forgot my password at school, say so, they tell me the password. Have they never heard about security?

Comments
  • 2
    You'd be surprised how many companies still don't hash passwords O_o
  • 1
    At a company I interned at they did salted hashes... With the salt in the same spreadsheet...
  • 2
    What system was this for? I'm guessing not Active Directory?
  • 0
    @drRoss
    The school uses some 'RES One' thing.
  • 0
    Well how else would you do it @Highlow
  • 0
    Separate hashes and their individual salts and maybe even encrypt the salts for good measure
  • 0
    @Highlow Storing the salt in the same spreadsheet isn't actually all that bad though..?
  • 1
    @quijibo Storing salts right next to the username is fine for verification purposes however salted hash + password + username is stupid bc on simple data breach and they can just hash common passwords with the salt and continue to check. This wasn't some start up or something this was a security company with one metric f*ckload of users which was facing cyber attacks and should have been more secure
  • 0
    Tldr keep salts separate from users and passwords
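
The salted-hash verification flow debated in the comments above, as an added example that is not part of the thread: the salt is stored in the same row as the hash, two users with the same password still get different hashes, and a small audit flags reused or short salts. PBKDF2, the iteration count, the 16-byte salt length and the record layout are assumptions of this example.

```python
import hashlib
import hmac
import os
from collections import Counter

ITERATIONS = 200_000  # assumed work factor for this example
SALT_BYTES = 16       # assumed minimum salt length


def _derive(password: str, salt: bytes) -> bytes:
    # Slow, salted key derivation; only the output is stored, never the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def new_record(user: str, password: str) -> dict:
    """Create a row with a fresh random salt stored next to the hash."""
    salt = os.urandom(SALT_BYTES)
    return {"user": user, "salt": salt.hex(), "hash": _derive(password, salt).hex()}


def verify(record: dict, password: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    expected = bytes.fromhex(record["hash"])
    actual = _derive(password, bytes.fromhex(record["salt"]))
    return hmac.compare_digest(actual, expected)


def audit(records: list) -> list:
    """Flag rows whose salt is reused across users or shorter than SALT_BYTES."""
    counts = Counter(r["salt"] for r in records)
    findings = []
    for r in records:
        if counts[r["salt"]] > 1:
            findings.append((r["user"], "salt reused"))
        if len(bytes.fromhex(r["salt"])) < SALT_BYTES:
            findings.append((r["user"], "salt too short"))
    return findings


# Constructed sample data: two users who chose the same password.
alice = new_record("alice", "correct horse")
bob = new_record("bob", "correct horse")

if __name__ == "__main__":
    print("same password, different hashes:", alice["hash"] != bob["hash"])
    print("good / bad login:", verify(alice, "correct horse"), verify(alice, "wrong"))
    print("audit findings:", audit([alice, bob]))
```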