Stephen_McCloskey's WebLog

Tripping through the managed landscape.

  • Stephen_McCloskey's WebLog

    More on password sniffing

    Here are some articles about password sniffing and real-world systems. Documented accounts of successful password sniff attacks do actually exist. (I’m not trying to pick on the OSS folks when it comes to poor password handling, but the two...
  • Stephen_McCloskey's WebLog

    Apps that email passwords

    Why does the administrative site send your plaintext password to you in email whenever you change it? This strikes me as a bad idea. For that matter, why doesn’t the site use https on the page that allows you to change your password...
Page 1 of 1 (2 items)