Timeline for Is there an official standard regarding user password storage practices?
Current License: CC BY-SA 3.0
7 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jun 10, 2011 at 4:51 | vote | accept | Carson Myers | ||
| Apr 19, 2011 at 6:51 | answer | added | Brad | timeline score: 5 | |
| Apr 19, 2011 at 4:06 | comment | added | Carson Myers | @Tim thanks, I guess I didn't think it would be dependent on the country. | |
| Apr 19, 2011 at 3:11 | comment | added | user131 | What you're asking really depends on legislation in your country. We all know the best practice is to store a salted one way hash using a collision proof algorithm, however unless there's a law that spells this out, it really applies selectively. I suspect, however that you might be able to find something that looks 'official' if you dig through ISO regarding human resource management. | |
| Apr 18, 2011 at 23:49 | comment | added | Carson Myers | lol that's awful. I wish people would stop doing that. | |
| Apr 18, 2011 at 23:04 | comment | added | thursdaysgeek | I got the same thing from VMWare about a year ago, but not because I had forgotten my password. I had just signed up, and knew the password I had just entered, and they emailed it back to me in plaintext. Thanks, I already knew that! | |
| Apr 18, 2011 at 22:49 | history | asked | Carson Myers | CC BY-SA 3.0 |