top | item 32979656 (no title) ollifi | 3 years ago I sort of wish companies would not have employees passwords. Hashing should be standard practice. discuss order hn newest ovi256|3 years ago It must be, but publishing old passwords can still be done by saving the old cleartext password on password change. BeFlatXIII|3 years ago As in store "old password" as cleartext on its final use? load replies (1) dotancohen|3 years ago The last password, to be posted, could be stored in plain text on the password change form submit action. Before that it is only ever committed to permanent storage as a hash.
ovi256|3 years ago It must be, but publishing old passwords can still be done by saving the old cleartext password on password change. BeFlatXIII|3 years ago As in store "old password" as cleartext on its final use? load replies (1)
dotancohen|3 years ago The last password, to be posted, could be stored in plain text on the password change form submit action. Before that it is only ever committed to permanent storage as a hash.
ovi256|3 years ago
BeFlatXIII|3 years ago
dotancohen|3 years ago