[PET] irony

Steven Bellovin smb at cs.columbia.edu
Mon Sep 12 23:27:03 BST 2011


On Sep 1, 2011, at 8:03 18AM, R J Cronk wrote:

> Does anyone else find it ironic that the service this lists uses stores passwords in plaintext?  
>  
While it would be better if the web form used https, I regard the plaintext password as commensurate with the value of the resource being protected -- this is hardly a secret list with high-value, restricted content.   As someone else noted, leave it out when you sign up; if you ever need it, it will be emailed to you in the clear.


		--Steve Bellovin, https://www.cs.columbia.edu/~smb







More information about the PET mailing list