Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Website security query

  • 16-06-2009 8:30pm
    #1
    Registered Users, Registered Users 2 Posts: 319 ✭✭


    Well folks,

    When I signed up online to switch to AirTricity, I received my username and password information to access my account at their website via snail mail. I'm no rocket surgeon, but does this imply they're storing my password information on their server in plain text format?

    Bit concerned on this, but haven't really paid serious attention to developments around web security/hacking in quite a while...


    PS: Perhaps this thread should be moved to Consumer Issues given it's AirTricity related... given it's a specific query relating to website security I thought it best to start here with you folks.


Comments

  • Registered Users, Registered Users 2 Posts: 2,793 ✭✭✭John_Mc


    Jaeger wrote: »
    Well folks,

    When I signed up online to switch to AirTricity, I received my username and password information to access my account at their website via snail mail. I'm no rocket surgeon, but does this imply they're storing my password information on their server in plain text format?

    Bit concerned on this, but haven't really paid serious attention to developments around web security/hacking in quite a while...


    PS: Perhaps this thread should be moved to Consumer Issues given it's AirTricity related... given it's a specific query relating to website security I thought it best to start here with you folks.

    It wouldn't be technically difficult to have the letter automatically generated by a script which can decrypt your password from the DB.

    I wouldn't worry about it anyway!


  • Moderators, Education Moderators, Technology & Internet Moderators, Regional South East Moderators Posts: 24,056 Mod ✭✭✭✭Sully


    John_Mc wrote: »
    It wouldn't be technically difficult to have the letter automatically generated by a script which can decrypt your password from the DB.

    I wouldn't worry about it anyway!

    Odds are, thats how its done. Chances of a password being stored in text format would be unusual as its common practise to have some form of encryption.


  • Closed Accounts Posts: 448 ✭✭ve


    It doesn't mean that your password is stored in plain text. When u signed up it could have sent you a confirmation email with details in plain text at the same time it was storing info in db encrypted. To be honest with you there are many ways to break in and steal info, if you are concerned over data protection give them a call. E.g. Could someone else see that email? I'd be surprised if they couldn't.

    Security is the process of reducing risk, not eliminating it.


Advertisement