[plug] ISPs storing plain-text passwords...

Kim Covil kimc at ned.dem.csiro.au
Tue Aug 7 00:25:11 WST 2001


> Personally i would be a lot more worried about someone having my CC
> details than my password. There isn't really a lot someone can do with
> your password, and its fairly easy to track down what they've been
> doing. But with my CC details, thats going to cost me money.

True... however there are processes in place such that unauthorised use
of your credit card can be reclaimed from your credit card provider... I
don't see anyone giving me back my machine if it has been cracked...

> > of different bits of information that could be used for phone
> > verification... I don't think giving someone my account password over
> > the phone should be one of them... If they want a phone-verification
> > Pass-word then they should ask for one as video-stores do... At least
> > then the damage is limited to the one account at the ISP...
> 
> Ahh, but you were just saying people find it hard to remember their
> password. Now you want them to have 2. :)

The second one isn't likely to have a combination of upper and lower
case characters, numerals and special characters...

Cheers

Kim

-- 
====================================================================== 
Kim Covil - CSIRO Exploration & Mining  E-mail: kim.covil at dem.csiro.au
            PO Box 437, Nedlands,       Tel: +61 8 9284 8425    ,-_!\
            Western Australia  6009     Fax: +61 8 9389 1906   /     \
                                                               *_,-._/
=================================================================== v 
   Please direct all personal e-mail to kimbotha at covil.com.au



More information about the plug mailing list