.

Spot the problem.....

<<

S3curityM0nkey

User avatar

Jr. Member
Jr. Member

Posts: 89

Joined: Mon May 16, 2011 6:47 pm

Post Tue Aug 28, 2012 8:05 pm

Spot the problem.....

Can anyone see the problem with the tech guys reply?

https://gist.github.com/3497955

:-\
<<

jjwinter

User avatar

Jr. Member
Jr. Member

Posts: 80

Joined: Mon Mar 05, 2012 10:33 pm

Post Tue Aug 28, 2012 8:25 pm

Re: Spot the problem.....

**raises hand**

1) They will snail mail your password to you....

2) To an ADDRESS YOU CAN CHANGE!!!
<<

S3curityM0nkey

User avatar

Jr. Member
Jr. Member

Posts: 89

Joined: Mon May 16, 2011 6:47 pm

Post Tue Aug 28, 2012 8:47 pm

Re: Spot the problem.....

.....AND.....
<<

jjwinter

User avatar

Jr. Member
Jr. Member

Posts: 80

Joined: Mon Mar 05, 2012 10:33 pm

Post Tue Aug 28, 2012 8:50 pm

Re: Spot the problem.....

Well, the whole hint giving thing is just weird.

"Your password rhymes with 'nassword'"

and starts with a P and ends with a D.

???

Why even have passwords. Just use the honor system ;)
<<

S3curityM0nkey

User avatar

Jr. Member
Jr. Member

Posts: 89

Joined: Mon May 16, 2011 6:47 pm

Post Tue Aug 28, 2012 8:57 pm

Re: Spot the problem.....

So do you  think they store the password in clear text... and the tech support people have access to view your password!

"A hint to your password is that it begins with s and ends with j"

Bit of a fail I think!
<<

jjwinter

User avatar

Jr. Member
Jr. Member

Posts: 80

Joined: Mon Mar 05, 2012 10:33 pm

Post Tue Aug 28, 2012 9:02 pm

Re: Spot the problem.....

Didn't even think of that. Wow.

The more I learn about security, the less evidence I see of it being used.
<<

shadowzero

User avatar

Full Member
Full Member

Posts: 120

Joined: Sat Jun 02, 2012 10:03 pm

Post Tue Aug 28, 2012 10:11 pm

Re: Spot the problem.....

SecurityMonkey wrote:So do you  think they store the password in clear text... and the tech support people have access to view your password!

"A hint to your password is that it begins with s and ends with j"

Bit of a fail I think!


I assumed that was more like a hint the user provides to himself, like "My mother's maiden name" sort of thing.
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Tue Aug 28, 2012 11:27 pm

Re: Spot the problem.....

shadowzero wrote:
SecurityMonkey wrote:So do you  think they store the password in clear text... and the tech support people have access to view your password!

"A hint to your password is that it begins with s and ends with j"

Bit of a fail I think!


I assumed that was more like a hint the user provides to himself, like "My mother's maiden name" sort of thing.


Hah, that's where I went too. I can envision the scenario where he forgot he set his own password hint that way and proceeds to get all uppity because he thought they were storing the password in plain text and giving out random hints.

Bonus points if the only reason he used that password hint was because they wouldn't let the hint contain the password itself :D
The day you stop learning is the day you start becoming obsolete.
<<

Jamie.R

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Mon Aug 06, 2012 9:57 am

Location: UK

Post Wed Aug 29, 2012 2:15 am

Re: Spot the problem.....

its a good sing they using the plaintext protocol or an encryption that can b reserved but both are really bad.
| OSWP | eCPPT Silver and Gold | eWPT |

I'm an InterN0T'er

Return to News from the Outside World

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software