Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Eircom storing passwords in the clear

Options
13»

Comments

  • Options
    #62
    gerryk
    Registered Users Posts: 1,726 ✭✭✭gerryk


    tunedout wrote: »
    HI Gerry, what does the backup do? Does it mean if i don't have the backup i could lose all my passwords?

    Pretty much, yes. Basically, the best practice for any data would be to have more than one copy... preferably in separate locations, and if possible separate formats. So, what I do is weekly, download my lastpass database, and sent it to my Dropbox, and copy it to a flash memory device.

    I do this with most data I consider important.


  • Options
    #63
    lynchie
    Registered Users Posts: 1,994 ✭✭✭lynchie


    webmail.eircom.net has been storing passwords in plain text for well over 10 years at this stage. A friend of mine who worked in CS while we were back in college was able to tell most of us in our class what our passwords were. Seems nothing has changed since!


  • Options
    #64
    gerryk
    Registered Users Posts: 1,726 ✭✭✭gerryk


    eircom: Tony wrote: »
    Hi gerryk
    I should have some feedback soon on this soon.
    Tony

    6 weeks later, still nothing. Your defintion of 'soon' is obviously somewhat different from mine, Tony.

    BTW, I have recurring reminders to revisit this every month, so I'm going to bump it repeatedly until we have an answer. Sorry to be a PITA but it's important to see that you are doing the right thing,


  • Options
    #65
    allen175
    Registered Users Posts: 1,042 ✭✭✭allen175


    In mid decemeber, they did review the security policy in regards to the availability of the email passwords, they are no longer stored in the clear for agents to view. even with security questions answered they do not have access to the passwords.

    Hope this answers your question gerryk.


  • Options
    #66
    gerryk
    Registered Users Posts: 1,726 ✭✭✭gerryk


    Allen175, it would, if it was officially stated by an Eircom rep. However, with due respect to yourself, you are just a person, so it means little.


  • Advertisement
  • Options
    #67
    gerryk
    Registered Users Posts: 1,726 ✭✭✭gerryk


    eircom: Tony wrote: »
    gerryk wrote: »
    Hi Tony et al... 6 weeks on from the last comment from you. Anything from your security review yet?


    Hi gerryk
    I should have some feedback soon on this soon.
    Tony
    Hi Tony... it is approaching a year since this thread was alive, and there is still no official position taken by Eircom. Worse yet, the password policies in the new MyMeteor site raise some alarming questions regarding the security of that site also.

    It seems that your security policies are generated with complete lack of awareness of industry best practise. It costs the same to do things well as to do them badly, and yet here we are with some incredibly misguided security decisions.

    I'll tell you how to do it right for free!


Advertisement