|archives ~ negative273 ~ chill ~ nathan ~ jim ~ mount athos ~ rob|
It seems to me I posted some time ago, maybe 9 months or so, that I discovered that WebSTAC/WebFAC deosn't bother to encrypt passwords but stores them in clear text. I found this out by calling to have my password changed; the admin said he could just tell me my password.
I was shocked. There was no warning of clear-text passwords and how users should pick a password unique to WebSTAC because of this.
I called the WebFAC folks and they said they'd do soemthing about it.
Would you believe they did nothing? I just had to change my password (for security reasons) only to discover that there is still no warning.
|Copyright © 2002-2008 Ron K. Cytron ~ hosted by negative273 ~ powered by moveable type|