Subj : Re: The Great Cyberwar Has Just Begun To : Arelor From : Tracker1 Date : Wed Mar 30 2022 11:52 pm On 3/29/22 00:06, Arelor wrote: >> it doesnt matter what we do with passwords or whatever. >> our providers are the ones that arent secure. > > That is something I was thinking myself. > > Heck, even if a given provider has a very secure infrastructure, most > medium sized ones are going to externalize lots of components. Say, I > could have all my customer data managed by my very secure servers, and > then have part of that data processed by a third party. > ... That's generally true, but still, password re-use is a massive issue... on compromised system/account that doesn't hash passwords and/or is a very weak hash (md5 or sha1) means that if your email address is there, there's a much higher chance of escalating the issue(s). Congrats, you just sent a new $HIGH_DOLLAR_ITEM$ to a hacking ring from your online store account. -- Michael J. Ryan - tracker1@roughneckbbs.com ---