id="info"

General discussion

Locked

danger in double use of passwords

By john.a.wills ·
Tags: Cloud, Security
Most reputable password-protected installations, including the network of PCs on which I log in every day to work, shuffle the password for storage, and shuffle input passwords to compare with the stored shuffled password. Someone who forgets his password gets issued with a new one - which, normally, has to be changed on first use.

Today I came to a website I had not logged on to for months. I had forgotten my password, so I asked for an updating email. I got one very quickly: it showed the same password I had been using for my local network. Obviously I had used the same password twice (some I use in more than 2 places, though usually with slight variants...), assuming the usual shuffling practice; equally obviously this site (evisions, for those who want to know) stores passwords in clear. That does not mean they are visible to all the world, but it reduces confidence.

What other installations store passwords in clear?

I have, of course, changed my network password.

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Google Chrome browser

Anyhow last reports I read say it stores passwords in clear text.

Collapse -

That is interesting...

by tcavadias Staff In reply to Google Chrome browser

Hadn't realized Google Chrome does that... does make you wonder just how many out there do this, which leads to less confidence from the part of the user.

Collapse -

Just another reason I prefer not to use Google Chrome,

by wizard57m-cnet Moderator In reply to That is interesting...

however, they are not the only one! Firefox did as well. Though Firefox offers to use a master password and encryption. Read this...
http://www.itnews.com.au/News/352619,chrome-firefox-store-saved-passwords-in-plain-text.aspx

and this
http://www.theguardian.com/technology/2013/aug/07/google-chrome-password-security-flaw

I've been using Opera for 15 years or more, but even in Opera I don't use the password manager that is built in. Haven't studied the latest chromium/blink based Opera to see if it inherits this behaviour, the versions I use store them encrypted supposedly, with a master password. I still use, are you ready for this...ZDNet's Password Pro, hehe! On my Windows PCs anyhow!
It never ceases to amaze me what people give up in the name of convenience!
Wiz

Collapse -

Double use of password

by Simply_Michael In reply to danger in double use of p ...

Yes you are right, it means at this point of website the security concern is low. we should aware of that thank you.

Collapse -

0 VOTES danger in double use of passwords

by T9RKELL In reply to danger in double use of p ...

I have begun using 2 factor authorization on my Google account. I feel safer now but of course it's a bit of frustration if phone is not in the pocket.

Back to Cloud Forum
5 total posts (Page 1 of 1)  

General Discussion Forums