Forgot your password?
This discussion has been archived. No new comments can be posted.

eBay Japan Passwords Revealed As Username+123456

Comments Filter:
  • by Todd Knarr (15451) on Thursday March 27, 2014 @03:53PM (#46595579) Homepage

    If the password was set by the system, either during a password reset or initial account creation, the first thing I do is change the password to a random one my password manager program's generated. Why were these accounts still using the system-created password? Also, the article seems to conflate two uses of the term "salt": the random nonce used to insure the stored hash value isn't the same for two different accounts that picked the same password, and the random string used in the plaintext of the initial password to avoid a trivially-guessable "password same as username"-type case. The two aren't at all the same.

  • Re:Obligatory (Score:2, Insightful)

    by Anonymous Coward on Thursday March 27, 2014 @04:34PM (#46595999)

    Introducing easter eggs is enough to get fired, if your employer takes quality seriously.

    Introducing an idea to add proper entropy calculation of all passwords can help you get a raise. Of course, if you implement it by "if char.isUpper(): entropy += 5" then you should also be fired...

  • by fullback (968784) on Thursday March 27, 2014 @04:51PM (#46596197)

    I've lived in Japan for over 20 years and I, like probably most people in Japan, didn't know it even existed.

2.4 statute miles of surgical tubing at Yale U. = 1 I.V.League