Yeah and whoever designed that system needs to be fired. 40 years ago you could maybe call it a reasonable mistake (although it wasn’t really acceptable even back then), but these days anyone storing plaintext passwords anywhere is bordering on criminal negligence. Unless you have a damned good reason passwords should be hashed, but at a minimum at least encrypted with something reasonably secure.
If it was anyone hired by the current administration to be the security software engineer, I’d imagine it being someone severely under qualified with some kind of reality TV, media background who probably only mentioned “I stayed at a Holiday Inn last night…” when asked if they had any security authentication background. The interviewer probably just got a grand kick out of that response and after an intense belly laugh said, “Fuck it, you’re hired!”
Yeah and whoever designed that system needs to be fired. 40 years ago you could maybe call it a reasonable mistake (although it wasn’t really acceptable even back then), but these days anyone storing plaintext passwords anywhere is bordering on criminal negligence. Unless you have a damned good reason passwords should be hashed, but at a minimum at least encrypted with something reasonably secure.
I’d like to say that nobody cared about security even 25 years ago, but in government, they have ALWAYS cared about security.
Salt it, hash it, put it in a stew.
I would argue that there is no such thing as a good reason to store plain text passwords.
They are not saying that you should have a good reason to store plain text, but to have a good reason not to hash, but only to encrypt.
If it was anyone hired by the current administration to be the security software engineer, I’d imagine it being someone severely under qualified with some kind of reality TV, media background who probably only mentioned “I stayed at a Holiday Inn last night…” when asked if they had any security authentication background. The interviewer probably just got a grand kick out of that response and after an intense belly laugh said, “Fuck it, you’re hired!”