Hacker News new | ask | show | jobs
by chrisfarms 3892 days ago
Whenever I see those sorts of limitation I assume there's probably some kind of poorly handled escape situation to exploit and their fix was "well just don't allow that pesky < character"
1 comments
JoshTriplett 3892 days ago
> Whenever I see those sorts of limitation I assume there's probably some kind of poorly handled escape situation to exploit

Which, in turn, implies that some system handles the password as plaintext rather than via a password-appropriate digest.

link