@sophia I've met that guy. He's pretty rad. And smart.
And taught me a lot during his talk about image file forensics (iirc), and how much data remains. πŸ™ƒ

@polychrome It was 8 years ago, so I dunno. I think maybe not because he's the kinda person that likes to stay anon? @sophia

@sophia Identity thieves are famously respectful of the rule of law.

@sophia Storing a password in clear is secure, as it's illegal to intrude in someone else's database.

To authenticate you over the phone they ask you three characters from your password, so call center employees can see the plain text passwords too.

@FiXato I remember this, we all gave them an absolute pasting over it

it's a shame the original reply from tmobileat is gone
If they'd posted an update with their new security precautions, it could've helped restore some trust in them; now I'm left to wonder if this ever actually got fixed, or if they still store #plainTextPasswords / two-way encrypted passwords, or if they actually switched to a hashed/salted approach.

Sign in to participate in the conversation

No nazis, no swerfs, no terfs, no nazis.