|
|
|
|
|
|
by davidu
5277 days ago
|
|
|
While it's possible that this is true, it's still exceptionally bad practice. Reversible encryption, particularly when stored server-side, which is almost always going to be the case, and even if using a HSM, isn't entirely different from plaintext when the attacker holds the keys. |
|
|