The million dollar question is: WHY is Yahoo is storing plaintext passwords in their backend database. Do these companies ever learn?
dude. no. they dont. rhetorical question :D
'Cause mediocrity takes a lot less time and most people won't notice anyway?
Mountain View, CA
nope. i see people still thinking md5($password . $salt) is safe in 2012. security education needs to start earlier.
really could they be that dumb
Unbelieveable right...**Yahoo**....I guess only way companies care is if they start getting sued for hundreds of millions
Should be encrypted in md5, although brute force or dictionary attack could get them easy too.
Pure laziness. Quite unbelievable really. More monitoring of standards is required.
You should know by now that the answer is no, they never learn.
Nope, most companies will never learn. What happens in the past repeats itself constantly.
that database probably hasn't been touched since the 90's, lol
because they can. Becase they're lazy. Because they don't care about client security... Who knows....
hoping pin codes will provide them more liquidity
They probably never will, and that's why we're existing. It's like the Yin and Yang of the security world. Sort of.
At least a Telnet Daemon isn't running on the Yahoo! Voice server. I checked. Just in case.
Vancouver, BC, Canada
Yes, I’d guess a combo of laziness and legacy backwards compatibility to keep a mess of systems glued together
Paradise Valley, Arizona 85253
Read 'The Big Short' by Michael Lewis? Even tho it's about the mortgage crisis they have never ending "and no one saw this?"
You are Yahoo's product, not their customer. They make money by selling info about you. Why protect your passwords?
Not that Yahoo is unique in that regard.
endlessy hiring rookies, firing those who learned from earlier mistakes ensures more mistakes and the illusion of cost cutting
Why would anyone have anything to do with Yahoo full stop? 99.9% of spam/scam email I receive comes via a #Yahoo address.
Ghost In The Wire, was such an awesome book! Couldn't put it down, even my GF read it. You are truly inspiring mate :) Bigups!
Same reason so many people still use one password for everything, or just save them all in a file. Laziness and money. :/
couldn't agree more! They are on d way to screwing up, god save
password protection is the packaging you put around your product to prevent it from being damaged. No excuses!
They are operating on a similar equation to the one Edward Norton uses in Fight Club. "If X is less than the cost of a recall"
No, these comp,its don't ever learn. That's why they are legally considered people :-)
I think the million dollar question here is WHO actually uses Yahoo services and is this being overhyped?
the REAL million dollar question is, what's "Yahoo"?
São Paulo / Brazil
:) The two million dollar answer: No, they will never learn! sad but true...
yeah, I never did this and I ran a small company. It's like they want something bad to happen.