Technical Discussion
  >> Security Related Issues


Register (or login) on our website and you will not see this ad.


  Print Thread
Standard User reywob
(learned) Mon 10-Feb-14 12:03:11
Print Post

Normal for ISP portal passwords to be stored unhashed?


[link to this post]
 
Coms.com (formerly ADSL24) were able to tell me my portal password over the phone (which I already knew, and without doing a security check). This means it's either stored as plain text (likely) or with 2-way encryption, rather than hashed.

Is this standard practice amongst ADSL suppliers? It certainly isn't for any companies I develop web apps for...
Standard User Pipexer
(eat-sleep-adslguide) Mon 10-Feb-14 18:01:07
Print Post

Re: Normal for ISP portal passwords to be stored unhashed?


[re: reywob] [link to this post]
 
Yes very common - plusnet for one, the operators have it on the screen.

Zen 8000 Pro
Standard User Pipexer
(eat-sleep-adslguide) Mon 10-Feb-14 18:01:21
Print Post

Re: Normal for ISP portal passwords to be stored unhashed?


[re: Pipexer] [link to this post]
 
Oh and o2....

Zen 8000 Pro


Register (or login) on our website and you will not see this ad.

Standard User reywob
(learned) Mon 10-Feb-14 18:22:25
Print Post

Re: Normal for ISP portal passwords to be stored unhashed?


[re: Pipexer] [link to this post]
 
Yikes, thank you! Glad I hadn't used my standard passphrase scheme for them...
  Print Thread

Jump to