On May 27, 2015 at 10:28 bill@herrin.us (William Herrin) wrote:
On Tue, May 26, 2015 at 4:10 PM, Scott Howard <scott@doc.net.au> wrote:
On Tue, May 26, 2015 at 12:28 PM, Aaron C. de Bruyn <aaron@heyaaron.com> wrote:
If they can e-mail you your existing password (*cough*Netgear*cough*), it means they are storing your credentials in the database unencrypted.
No, it doesn't mean that at all. It means they are storing it unhashed which is probably what you mean.
Hi Scott,
It means they're storing it in a form that reduces to plain text without human intervention. Same difference. Encrypted at rest matters not, if all the likely attack vectors go after the data in transit.
It matters a lot. It means their entire username/password collection can be compromised by various means, including by an insider.

The usual practice is to store a hash which cannot be reversed (at least not without astronomical computation). Then when a password is presented (e.g., for login) the hash is computed on that cleartext password and the hashes are compared. Getting a copy of the database of hashes and login names is basically useless to an attacker.

It's not encrypted in this case, it's hashed and only the hash is stored. The hash cannot be reversed, only compared to a re-hash of the cleartext password when entered.

The OP was correct: if they can send you your cleartext password then their security practices are inadequate, period.

Unless I misunderstand what you're saying (I sort of hope I do) this is Security 101.

-- 
-Barry Shein

The World              | bzs@TheWorld.com           | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD        | Dial-Up: US, PR, Canada
Software Tool & Die    | Public Access Internet     | SINCE 1989     *oo*
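The storage practice Barry describes (keep only a one-way hash, re-hash whatever the user types at login, compare), written out as an added example that is not part of the thread or anyone's posted code. It goes one step past the post: each record carries a random per-user salt and uses a deliberately slow key derivation (PBKDF2-HMAC-SHA256 from Python's standard library) instead of a bare hash, and a small offline guessing routine shows what an attacker who steals the table can and cannot do with it. The record format, the iteration count and the candidate wordlist are constructed for the example.

```python
import hashlib
import hmac
import os
from base64 import b64decode, b64encode
from typing import Iterable, Optional

# Added example, not code from the NANOG thread. Record format is an assumption
# made for this example: "pbkdf2_sha256$<iterations>$<salt b64>$<digest b64>".
ALGO = "pbkdf2_sha256"
ITERATIONS = 600_000   # assumption: tune to your hardware; slower means costlier guessing
SALT_BYTES = 16


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Return the only thing the site should store: salt + one-way digest.

    There is no key anywhere that turns this back into the password, so a site
    holding these records cannot e-mail it to you.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)          # fresh random salt per record
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "%s$%d$%s$%s" % (ALGO, iterations,
                            b64encode(salt).decode("ascii"),
                            b64encode(digest).decode("ascii"))


def verify_password(password: str, record: str) -> bool:
    """Login check: re-derive with the stored salt/iterations, compare digests.

    Malformed or foreign records fail closed. The comparison is constant-time
    so a timing side channel does not leak how many leading bytes matched.
    """
    try:
        algo, iters, salt_b64, digest_b64 = record.split("$")
        if algo != ALGO:
            return False
        iterations = int(iters)
        salt = b64decode(salt_b64)
        expected = b64decode(digest_b64)
    except (ValueError, TypeError):
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, expected)


def offline_guess(record: str, candidates: Iterable[str]) -> Optional[str]:
    """What a thief of the hash table can do: test guesses, one slow KDF each.

    Returns the matching candidate or None. With a unique salt per user every
    record must be attacked separately, and the iteration count sets the price
    of each guess; a strong password never appears in the list at all.
    """
    for guess in candidates:
        if verify_password(guess, record):
            return guess
    return None


if __name__ == "__main__":
    stored = hash_password("correct horse battery staple")
    print(stored)
    print("login ok:", verify_password("correct horse battery staple", stored))
    print("login bad:", verify_password("Correct horse battery staple", stored))
    # constructed wordlist standing in for a leaked-password dictionary
    print("cracked:", offline_guess(stored, ["password", "letmein", "123456"]))
```

Two users who pick the same password get different records because of the salt, so a stolen table does not reveal shared passwords either, and a precomputed table of digests is useless against it.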