worst combination of multiple basic security practices: A major university's student registration system storing user login passwords in clear-text and using student's social security number as record identifier all the while, allowing access to the registration system via the Internet HTTP (unencrypted protocol). These security issues were known for years and exposed during PCI certification (for credit card payment capturing), so guess what else was "in the records" in clear text format?
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
worst combination of multiple basic security practices: A major university's student registration system storing user login passwords in clear-text and using student's social security number as record identifier all the while, allowing access to the registration system via the Internet HTTP (unencrypted protocol). These security issues were known for years and exposed during PCI certification (for credit card payment capturing), so guess what else was "in the records" in clear text format?