Y
Hacker News
new
|
ask
|
show
|
jobs
by
majewsky
2768 days ago
This requirement is technically fulfilled by encrypting transmissions with TLS and storage with disk encryption like LUKS or Veracrypt. It does not really say anything about password hashing.
1 comments
tyingq
2768 days ago
The screenshot shows that the plaintext password was sent over SMTP. So it isn't meeting that bar either.
link
bausshf
2764 days ago
What makes you think it's SMTP and not SMTPS?
link
tyingq
2755 days ago
Because you can't force the endpoints of your customers to all support that.
link