Quote:
|
Originally Posted by selena
When you say obscuring them, what do you mean? (in the context of passwords)
|
Actually I meant two things which ended up in one bad sentence.
From a developers point of view, don't have the script just save raw passwords but use MD5 or another irreversible algo.
More importantly from a 'users' point of view, don't use simple passwords but throw in a mix of numbers, upper and lower case letters, etc. This last point is highly valid in general, but of course not very relevant in this particular situation since the asshole in question didn't even have to guess or use brute force.