cdave: (Default)
cdave ([personal profile] cdave) wrote 2008-11-03 10:19 pm (UTC)

I get annoyed with the whole "third character of your password" bit, as it means they clearly have my password saved as plain text. A decent site encrypts (makes a signature) your password when it's entered, it's only ever stored unencrypted in RAM for a fraction of a second. Then they just compare signatures.

It means it's not possible to stick the keys on a USB drive and drop it in a carpark!
(7 comments)

Post a comment in response:

This account has disabled anonymous posting.
If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting
 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.