top | item 7245369

(no title)

Ah yes, here's another website that stores "encrypted passwords." What's an encrypted password, again?

More seriously, why is the social convention to lie in these situations? Why not just say what methods they were actually using?

I suppose it's possible they were storing encrypted passwords. But then an attacker would be able to break all of them at once.

discuss

kenrikm|12 years ago

Hashed Passwords, layman don't know what a "hash" is so they use the term encrypted since most people know what that is (even if it's incorrect terminology) It's pretty clear when they say that a weak or obvious password would be easier to crack, hash tables.

sillysaurus2|12 years ago

True, but we'll never know if they used unsalted SHA1 or scrypt. Is there no value in putting a technical note at the end of press releases like this?

unknown|12 years ago

[deleted]

wglb|12 years ago

Hashing is sometimes known as "one-way encryption."