|
|
|
|
|
|
by someguy1234
3581 days ago
|
|
|
Yeah, they have to because of how they work. As much as possible they do via SAML, and for that no plaintext is needed. But a lot of their customers want to log in to sites that don't support SAML (it's hard). For those they do form stuffing - naturally that requires plaintext. Source: worked in the industry at a more security-focused company, had to explain to sales/support a few times why they can support a site but we can't. |
|
|