Unencrypted password storage
Gates, John
jgates at lphs.org
Tue Nov 10 07:27:29 EST 2015
You are storing passwords for AIM accounts etc in xml in plain text. This is a security concern for sure. Do you have any plans to add at least an MD5 hash to this data?
Best Regards,
John Gates
Manager of Information Systems
Lake Park High School
SNUG SunGard National Users Group Director at Large
(630)295-5219
Let's Connect!
[twitter]<https://twitter.com/johngatesIII> [linkedin] <http://www.linkedin.com/in/JohnGates>
This email may contain information that is confidential or attorney-client privileged and may constitute inside information. The contents of this email are intended only for the recipient(s) listed above. If you are not the intended recipient, you are directed not to read, disclose, distribute or otherwise use this transmission. If you have received this email in error, please notify the sender immediately and delete the transmission. Delivery of this message is not intended to waive any applicable privileges.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pidgin.im/cgi-bin/mailman/private/security/attachments/20151110/0bfd18f9/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 5252 bytes
Desc: image001.png
URL: <https://pidgin.im/cgi-bin/mailman/private/security/attachments/20151110/0bfd18f9/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 2231 bytes
Desc: image002.png
URL: <https://pidgin.im/cgi-bin/mailman/private/security/attachments/20151110/0bfd18f9/attachment-0001.png>
More information about the security
mailing list