Major Web Sites Routinely Expose User Passwords by Using Plain Text
It’s something impossible to avoid in the online world: using passwords. But an investigation showed thousands of websites routinely expose these electronic safety measures to anyone.
Jeff Fox wrote in his State of the Net blog that companies routinely reveal passwords in plain text while emailing customers. This can happen when a user forgets a password and asks for it to be sent to him or her. Among those who Fox has caught doing this are AT&T, The New York Times, Macy’s and Princess Cruises.
Users often use the same password for more than one account, so exposure on an online shopping service could lead to a hacker accessing a bank account.
Rick Redman, a senior security consultant at KoreLogic Security, told Fox that sending passwords in plain-text invites a user’s account to be compromised”
“It also means that the company not only KNOWS your password, but stores it in a method that anyone can see…it is an insult to the customer. In my mind, it is the same as saying, ‘we do not care about your security,’” Redman said.
Fox recommends that users have a different password for each website, use a password manager and use two-factor authentication when it’s available. Examples of two-factor authentication are a bank card and a pin number; a password and a fingerprint, and a password and a security question.
To Learn More:
Passwordgate: Thousands of Websites Have Been Openly Exposing User Passwords (State of the Net.net)
Sony Emails Show a Studio Ripe for Hacking (by Ted Bridis, Associated Press)
- Top Stories
- Unusual News
- Where is the Money Going?
- U.S. and the World
- Appointments and Resignations
- Latest News
- Pentagon Orders 10,000 Soldiers to Repay Bonuses a Decade after Serving in Middle East
- Retirement Plans are Worse for Teachers, Charities, Clergy and Non-Profits
- Opposition to Cleveland Indians’ Name and Logo to Get Bigger Spotlight at World Series
- Taking a Selfie is taking a Risk When You Cast Your Ballot … If You Don’t Know State Law
- Texas Included State’s Drunk Drivers and Child Support Evaders in Tally of “High-Threat” Immigrant Border Arrests