[Year 12 SofDev] Password Security @ TSSM
Tyler, Simon J
tyler.simon.j at edumail.vic.gov.au
Wed Jul 19 22:19:06 AEST 2017
Hi everyone,
I've recently spent a little time going over hashing with my students, including their use in hash tables, file authentication and password verification & the need for salted hashes. Lots of good resources out there (Have I Been Pwned<https://haveibeenpwned.com/> and the World's Biggest Data Breaches<http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/> are always fun. The talk Modern Dictionaries by Raymond Hettinger<https://www.youtube.com/watch?v=p33CVV29OG8> about the evolution of hash tables - mainly in Python - is a good watch but a little long for class).
But then I got the perfect local example of how NOT to store passwords<https://www.youtube.com/watch?v=8ZtInClXe1Q> when ordering exams from TSSM...
If you use the "Forgot Password" form, they email you your plaintext password!!!
I should probably contact them, but it's such a perfect example that I don't want to ruin it.
[cid:ee7f4360-1ea8-4a3e-b1e5-07693f6920f0]
I hope all of your term 3s is off to a good start,
Simon
IMPORTANT - This email and any attachments may be confidential. If received in error, please contact us and delete all copies. Before opening or using attachments check them for viruses and defects. Regardless of any loss, damage or consequence, whether caused by the negligence of the sender or not, resulting directly or indirectly from the use of any attached files our liability is limited to resupplying any affected attachments. Any representations or opinions expressed are those of the individual sender, and not necessarily those of the Department of Education and Training.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.edulists.com.au/pipermail/sofdev/attachments/20170719/07f4f629/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Password details for TSSM.png
Type: image/png
Size: 33283 bytes
Desc: Password details for TSSM.png
Url : http://www.edulists.com.au/pipermail/sofdev/attachments/20170719/07f4f629/PassworddetailsforTSSM-0001.png
More information about the sofdev
mailing list