Reputation: 113
I was working on testing some projects, and there's a service on the site that lets you enter your ID and it gets your passwords. Does this mean that the backend stored the passwords in plaintext and not encrypted?
Upvotes: 1
Views: 171
Reputation: 311518
Not necessarily - the backend may store encrypted passwords and decrypt them with some predetermined key when they are retrieved.
However, this is still a pretty weak solution from a security standpoint. A proper approach would be to just store the encrypted/hashed (and salted!) password and be able to check if a given input matches it, without the ability to retrieve the clear-text password.
Upvotes: 2