Friday, June 3, 2011

Why store passwords, especially in plain text?

The achilles heel of cloud computing seems to be the security settings: so many systems seem to store user passwords, and in un-encrypted form, making the systems a valuable target for hackers. Today there's news of a further 1 million Sony system accounts breached, and in April the company was subject to a hack that stole 77 million account records. Why on earth didn't they encrypt the passwords if they were going to store them?

System designers need to get more thoughtful about the information they record and how they store it. Expect users increasingly to demand assurances of safety.
Get more like this