Zorba the Hutt (zorbathut) wrote,
Zorba the Hutt

passwords and security

Wikipedia is currently under a little fire for leaking information about users' passwords.

I'm not going to get into details on whether they should have released the info or not. I am going to say, however, that they shouldn't have had that information available to begin with. It's simple to build an authentication system for a website where not only are you unable to retrieve anyone's password, but you're not able to tell who has the same password. And this should have been one of those systems.

Yes, this means any website that has a "retrieve your password" feature is badly designed. The proper feature to have is a "reset your password" feature. If they *can* retrieve your password, they're not guarding it appropriately.

Just FYI.
  • Post a new comment


    default userpic

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.