2022년 3월 31일
In Get Started with Your Forum
So you think your password is secure? Maybe you have a system for remembering your password that allows you to use a complex password? Well, good for you. Unfortunately, your password is still not secure.The problem is that you simply cannot trust the website you are giving your password to. What kind of encryption do they use to store your password (if any)? Encryption (as I'll talk about later) is a way to turn your password into a secret code that's harder for hackers to crack. I've lost track of how many websites send you your password in the clear with their welcome email. I posted about this a while back on a Google+ post. It's not just bad practice, it's almost criminal! They showed no respect for storing your personal data by storing your password in plain text in their database. Not only that, but they sent your password employee data in plain text in an insecure email. When an email is sent, it can traverse many different servers around the world and potentially be "seen" at any time during its journey. If an attacker sniffs your email, But, it doesn't stop there. I'm sure you're not one of the many people who use the same password for multiple accounts, right?! Of course not! However, think of the many people who use the same password on all their accounts. If this attacker gained access to this account, they could also potentially gain access to your email account. Now is where the really bad news begins. Once they gain access to your email account, they can change the password and lock you out and start resetting your passwords for all your other accounts.