1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
  • Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

Microsoft Store India hacked

Collapse
X
1 to 4 of 4 Previous template Next
Collapse
Reply to Thread
  •  
  • Filter
  • Time
  • Show
Clear All
new posts
1 to 4 of 4 Previous template Next
    #1

    Microsoft Store India hacked

    Microsoft Store India database hacked | Ubergizmo

    Apart from that, the database has also been exploited, and with all the passwords saved in plain text, the damage borders on the catastrophic compared to just a website being defaced.
    Passwords saved in plain text.
    Speaking gibberish on internet talkboards since last Michaelmas. Plus here on Twitter
    Tags: None
    #2
    Originally posted by MrMark View Post
    Microsoft Store India database hacked | Ubergizmo



    Passwords saved in plain text.
    Its a standard part "feature" of the membership provider .
    merely at clientco for the entertainment

    Comment

      #3
      Originally posted by eek View Post
      Its a standard part "feature" of the membership provider .

      Depends really on the which provider and what configuration of the provider. In aspnet sql membership provider for example, the configuration allows passwordFormat="[Clear|Hashed|Encrypted]". If the developers are foolish enough ( see my code snippets thread) to set the format to be clear text it is not the "feature" to be blamed.
      Vote Corbyn ! Save this country !

      Comment

        #4
        Originally posted by fullyautomatix View Post
        Depends really on the which provider and what configuration of the provider. In aspnet sql membership provider for example, the configuration allows passwordFormat="[Clear|Hashed|Encrypted]". If the developers are foolish enough ( see my code snippets thread) to set the format to be clear text it is not the "feature" to be blamed.
        To be frank clear should not be an option and it definitely should not be the default option. Because it is an option people use it (including various "developers" in projects I've inherited) have used it and it leaves a mess that cannot sensibly be solved.
        merely at clientco for the entertainment

        Comment

        Reply to Thread
        1 to 4 of 4 Previous template Next

        Advertisers

        1. Contracting
          1. General
            1. Brexit
          2. Business / Contracts
            1. Coronavirus Assistance
          3. Accounting / Legal
            1. Umbrella Companies
            2. HMRC Scheme Enquiries
            3. The Future of Contracting
            4. IR35 Reform
          4. Technical
          5. Welcome / FAQs
        2. Social
          1. Light Relief
          2. Social / Events
        Working...
        X