1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
  • Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

Reply to: Microsoft Store India hacked

Collapse

You are not logged in or you do not have permission to access this page. This could be due to one of several reasons:

  • You are not logged in. If you are already registered, fill in the form below to log in, or follow the "Sign Up" link to register a new account.
  • You may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
  • If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.

Previously on "Microsoft Store India hacked"

Collapse
  • eek
    replied
    Originally posted by fullyautomatix View Post
    Depends really on the which provider and what configuration of the provider. In aspnet sql membership provider for example, the configuration allows passwordFormat="[Clear|Hashed|Encrypted]". If the developers are foolish enough ( see my code snippets thread) to set the format to be clear text it is not the "feature" to be blamed.
    To be frank clear should not be an option and it definitely should not be the default option. Because it is an option people use it (including various "developers" in projects I've inherited) have used it and it leaves a mess that cannot sensibly be solved.

    Leave a comment:

  • fullyautomatix
    replied
    Originally posted by eek View Post
    Its a standard part "feature" of the membership provider .

    Depends really on the which provider and what configuration of the provider. In aspnet sql membership provider for example, the configuration allows passwordFormat="[Clear|Hashed|Encrypted]". If the developers are foolish enough ( see my code snippets thread) to set the format to be clear text it is not the "feature" to be blamed.

    Leave a comment:

  • eek
    replied
    Originally posted by MrMark View Post
    Microsoft Store India database hacked | Ubergizmo



    Passwords saved in plain text.
    Its a standard part "feature" of the membership provider .

    Leave a comment:

  • MrMark
    started a topic Microsoft Store India hacked

    Microsoft Store India hacked

    Microsoft Store India database hacked | Ubergizmo

    Apart from that, the database has also been exploited, and with all the passwords saved in plain text, the damage borders on the catastrophic compared to just a website being defaced.
    Passwords saved in plain text.
    Tags: None

Advertisers

  1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
Working...
X