@sophia I've met that guy. He's pretty rad. And smart.
And taught me a lot during his talk about image file forensics (iirc), and how much data remains. πŸ™ƒ

@polychrome It was 8 years ago, so I dunno. I think maybe not because he's the kinda person that likes to stay anon? @sophia

@sophia Identity thieves are famously respectful of the rule of law.

@sophia Storing a password in clear is secure, as it's illegal to intrude in someone else's database.

@sophia
To authenticate you over the phone they ask you three characters from your password, so call center employees can see the plain text passwords too.

@FiXato I remember this, we all gave them an absolute pasting over it

@sophia
it's a shame the original reply from tmobileat is gone
If they'd posted an update with their new security precautions, it could've helped restore some trust in them; now I'm left to wonder if this ever actually got fixed, or if they still store #plainTextPasswords / two-way encrypted passwords, or if they actually switched to a hashed/salted approach.

Sign in to participate in the conversation
glitterkitten

No nazis, no swerfs, no terfs, no nazis.