Skip to comments.Facebook says it stored millions of passwords in plain text
Posted on 03/21/2019 12:17:25 PM PDT by bgill
click here to read article
Facebook is run by liberals - they don’t give a damn about anyone’s security... Not ours - not even fellow liberals.
Wow, Facebook appears to have the award for sleazy untrustworthy employees.
Get to it, Google. You know you’re number 1.
But only conservatives!
In UNIX, /etc/passwd, was it? Maybe /etc/pwd? encrypts automatically.
(Sorry, I haven’t used UNIX in over 10 years...but I did use it quite a bit during the 1990’s and into the 2000’s).
My project is being delayed in order to absolutely encrypt and un-encrypt one field. Nothing moves forward til we get resources to assist us. That is insane to store it in simple text.
Bump and Amen!
Especially when you mistype a password when encrypting something. Been there, done that. Lost access, arghh!
It was /etc/passwd, and still is. And yes, the password has always been stored in a "hashed" format, with the old-style hash using a 56-bit DES encryption algorithm. But that was judged too easy to crack with modern techniques, and was replaced years ago by a variety of other more robust algorithms. Unix and Linux now store even the hashes in files that are unreadable by regular users (/etc/master.passwd, /etc/shadow).
I am unaware of any Unix (or Linux) system that stores passwords in plaintext, unless you go out of your way to specify that (I think openLDAP permits it but discourages it).
The jokers at Fakebook were either being monumentally stupid, or outright malicious. Your choice.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.