by bct 5306 days ago
No, that's not what I meant. It's an analogy - if sites shouldn't store their own passwords in plaintext or reversibly encrypted (which everyone here agrees on - "use BCrypt", etc), then they shouldn't store other passwords in plaintext or reversibly encrypted. They should use something like OAuth instead.