Idiots,
Passwords are not stored in a modern system. A one way cryptographic hash is stored instead. In reality, passwords are not checked directly. They are run through a complex hashing program that CAN NOT BE REVERSED and the output of the hash is stored.
To verify a password, the submitted password is put through the same hash and the output is compared to the stored hash. If they match then the proper password has been submitted.
If any company is storing passwords in the open or even in encrypted form, they are going to get sued for doing this. We store customer passwords as one-way hashes exactly so these types of requests can never be complied with.
Send the Obama morons the cryptographic hash data and let them spend the next several years trying to reverse them. Nitwits.
If you want to know more details about system security, sign up for SANS classes. They are worth the time and money.
unless those companies have been doing a man in the middle attack to obtain passwords as needed
and yes, i would expect they would dnload kiddie porn onto a targets machine in order to implicate him
For those of us who are somewhat knowledgeable, but not hackers, can you give us a real world made-up example so it can more easily be grasped?
On the other hand, if they turn over the stored hash, then conceivably if they require the web companies to change how they respond to password requests, then they don’t need the password.