|
|
|
|
|
|
by Vinnl
3431 days ago
|
|
|
If people entered their good passwords on your site without noticing that it was unencrypted, then great, they should now consider that password compromised... As a user, as soon as I notice it's unencrypted, I'm _going_ assume the password is also probably not encrypted nor salted, and other users will probably have done so. (Of course, even better would be a different password per site, but...) |
|
|