AlienBabelTech Forums
T-Mobile Austria Stores Passwords In Plain Text - Printable Version

+- AlienBabelTech Forums (http://alienbabeltech.com/forum)
+-- Forum: Technology (http://alienbabeltech.com/forum/forumdisplay.php?fid=6)
+--- Forum: Smart Phones (http://alienbabeltech.com/forum/forumdisplay.php?fid=9)
+--- Thread: T-Mobile Austria Stores Passwords In Plain Text (/showthread.php?tid=1899)



T-Mobile Austria Stores Passwords In Plain Text - SteelCrysis - 04-09-2018

https://www.neowin.net/news/t-mobile-austria-stores-passwords-in-plain-text-because-its-security-is-amazingly-good
Yet further proof that computer security isn't taken seriously.
Quote:This essentially means that a potentially rogue customer service agent who accesses the first four characters can generate the remaining part of the passwords with relative ease using a brute-force method. And if there's a data breach, the passwords will be available to the attacker in plain text. When this was explained to the T-Mobile representatives, they went on to state how there is nothing to fear because T-Mobile's security is "amazingly good".
...
While T-Mobile Austria customers have genuine reasons to be worried, T-Mobile CEO John Legere has clarified that the company's US division doesn't store passwords in plain text.



RE: T-Mobile Austria Stores Passwords In Plain Text - SteelCrysis - 04-10-2018

T-Mobile Austria will now salt and hash passwords: https://www.neowin.net/news/t-mobile-austria-succumbs-to-public-pressure-will-now-hash-customer-passwords