I am always pissed off when I discover that a site I use is a plaintext offender. Well, if they are mom and pop establishments that do not deal with money or personal data, I might exhibit a wee bit of tolerance. However, large cooperations have no excuse especially since salting and hashing is such a simple operation. Some sites I have come across include WileyPlus, the online teaching environment as well as surprise, surprise, the submission portal for the International Journal of Information Security(IJIS). You think that with so many postgrad security majors submitting their papers, someone would have raised a stink over it.
IJIS plaintext offender
Tags:
Security
Similar Articles
Authenticating with NRIC numbers (97% Similar) - I was recently asked to take a survey which authenticated users solely using IC numbers. According to guideline 6 of PDPC's advisory on the use of NRIC numbers, NRIC numbers are widely used for ...
On Physical Authentication (96% Similar) - Recently, I moved into a new environment and had the opportunity to witness a number of processes. This experience further reinforced in me the importance of policies over technical measures. ...
Bank Token Teardown (95% Similar) - My hardware token ran out of battery recently. Before throwing it out, I opened it up to remove the battery so I can dispose of it separately. I decided to take the opportunity to sneak a quick ...
Reasonable use of personal data (95% Similar) - I had to place an obituary in the Straits Times recently. SPH offers an online service where you can use their tool to design the obituary and make payment, all without going down to their ...