Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Website security query

Options
  • 16-06-2009 9:30pm
    #1
    Jaeger
    Registered Users Posts: 319 ✭✭


    Well folks,

    When I signed up online to switch to AirTricity, I received my username and password information to access my account at their website via snail mail. I'm no rocket surgeon, but does this imply they're storing my password information on their server in plain text format?

    Bit concerned on this, but haven't really paid serious attention to developments around web security/hacking in quite a while...


    PS: Perhaps this thread should be moved to Consumer Issues given it's AirTricity related... given it's a specific query relating to website security I thought it best to start here with you folks.


Comments

  • Options
    #2
    John_Mc
    Registered Users Posts: 2,791 ✭✭✭John_Mc


    Jaeger wrote: »
    Well folks,

    When I signed up online to switch to AirTricity, I received my username and password information to access my account at their website via snail mail. I'm no rocket surgeon, but does this imply they're storing my password information on their server in plain text format?

    Bit concerned on this, but haven't really paid serious attention to developments around web security/hacking in quite a while...


    PS: Perhaps this thread should be moved to Consumer Issues given it's AirTricity related... given it's a specific query relating to website security I thought it best to start here with you folks.

    It wouldn't be technically difficult to have the letter automatically generated by a script which can decrypt your password from the DB.

    I wouldn't worry about it anyway!


  • Options
    #3
    Sully
    Moderators, Education Moderators, Technology & Internet Moderators, Regional South East Moderators Posts: 24,056 Mod ✭✭✭✭Sully


    John_Mc wrote: »
    It wouldn't be technically difficult to have the letter automatically generated by a script which can decrypt your password from the DB.

    I wouldn't worry about it anyway!

    Odds are, thats how its done. Chances of a password being stored in text format would be unusual as its common practise to have some form of encryption.


  • Options
    #4
    ve
    Closed Accounts Posts: 448 ✭✭ve


    It doesn't mean that your password is stored in plain text. When u signed up it could have sent you a confirmation email with details in plain text at the same time it was storing info in db encrypted. To be honest with you there are many ways to break in and steal info, if you are concerned over data protection give them a call. E.g. Could someone else see that email? I'd be surprised if they couldn't.

    Security is the process of reducing risk, not eliminating it.


Advertisement