How to spot a site that stores plaintext passwords


Here's a screenshot of the password requirements for a site. The's one really suspect thing about it that strongly suggests that the passwords are stored in plain text in their database instead of being hashed/encrypted - there's a limit to the password length. The instructions say the password must be no more than 14 characters long, were it stored properly it would be able to accept a much longer password. While I applaud them in being able to accept non-alphanumeric aka "special" characters, needlessly limiting its length is a step backwards.

Bowling pros!


My friend and fellow Drupaller, Matt Goodwin, and I were invited to do something together as a team building thing for work. After some discussion we decided to have a family bowling night so both families could finally meet and have some fun together. Needless to say that it brought out my competitive streak and... I completely flubbed :-) That said, I was carrying our toddler at the time of my two spectacular turns, though he also helped me with the strike ;-) We had a lot of fun, and we look forward to doing something similar again. Did I mention that I love working for Mediacurrent? :-)


Subscribe to photo