Also a case study on how not to store passwords. They enforce a maximum length on the user's password. It's something short, like 12 chars. The only reason they would enforce a maximum length is if they were storing the plaintext password in a database somewhere.
No comments yet.