On Thu, April 28, 2011 11:24 am, Nicholas Leippe wrote: > One of my accounts a while back changed their password method--they > emailed me saying that to "increase security" they had stripped all > non-alphanumerics out of my password! That is disturbing on many > levels.
Ouch. The most disturbing part for me is that it meant they weren't storing a hash, but the actual password itself. -- Matthew Walker HAM Call Sign: N7TOX Kydance Hosting & Consulting, Inc. - http://www.kydance.net/ PHP, Perl, and Web Development - Linux Server Administration /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */