Forum - View topic
A Question for A.N.N. Administrators




Anime News Network Forum Index -> Site-related -> Bugs & Technical Questions
View previous topic :: View next topic  
Author Message
nbahn
Anime isn't real? Nooo...Anime isn't real? Nooo...


Joined: 14 Dec 2006
Posts: 1855
Location: Now in Great Lakes region

PostPosted: Fri Aug 31, 2012 7:48 pm Reply with quote
I just finished reading this article. This brings me to my question: Does A.N.N. salt and hash the user's passwords? (or are they merely stored as plain text?)
Back to top
View user's profile Send private message My Anime My Manga
egoist
Pirate KingPirate King


Joined: 20 Jun 2008
Posts: 7670

PostPosted: Fri Aug 31, 2012 7:54 pm Reply with quote
I'd be more worried if they went around revealing this sort of information.
Back to top
View user's profile Send private message My Anime My Manga
Rhyono



Joined: 03 Dec 2011
Posts: 1039

PostPosted: Fri Aug 31, 2012 9:14 pm Reply with quote
Quite frankly, it doesn't matter how ANN has its passwords handled. Your ANN account should not be of enough importance for crackers to bother with.
Back to top
View user's profile Send private message My Anime
Saffire



Joined: 25 Nov 2007
Posts: 870
Location: Iowa, USA

PostPosted: Fri Aug 31, 2012 10:22 pm Reply with quote
Rhyono wrote:
Quite frankly, it doesn't matter how ANN has its passwords handled. Your ANN account should not be of enough importance for crackers to bother with.
Most people use the same credentials across many accounts. You should always be concerned with what happens if your account is compromised, even on the smallest site.
Back to top
View user's profile Send private message My Anime My Manga
DerekTheRed
Encyclopedia SupporterEncyclopedia Supporter


Joined: 19 Dec 2007
Posts: 3266
Location: ::Points to hand::

PostPosted: Fri Aug 31, 2012 11:18 pm Reply with quote
Saffire wrote:
Rhyono wrote:
Quite frankly, it doesn't matter how ANN has its passwords handled. Your ANN account should not be of enough importance for crackers to bother with.
Most people use the same credentials across many accounts. You should always be concerned with what happens if your account is compromised, even on the smallest site.
If you are aware of the danger of having the same password across many platforms, you should be aware enough to not do that.
Back to top
View user's profile Send private message My Anime My Manga
Nyorai



Joined: 10 Mar 2007
Posts: 15

PostPosted: Sat Sep 01, 2012 1:59 am Reply with quote
It's almost common practice now a days to use hashing with some type of salt. For this type of site I wouldn't worry. Just make sure you don't use your online banking password on other sites.

If you ever get worried about those reports in the news. It's normally just some novice hacker who stumbled across a bug in the code because some programmer didn't properly check against SQL injections. And even if you can query the database tables you would still need to know the salt or encryption key to get any information. So it's unlikely they will be able to do any real damage.

Most people get their personal information stolen through viruses. Just keep your antivirus up to date you'll be fine.
Back to top
View user's profile Send private message Visit poster's website My Anime
farix



Joined: 28 Feb 2007
Posts: 143

PostPosted: Sat Sep 01, 2012 5:22 am Reply with quote
The forum software is phpBB2, so the password is hashed by default. And if you use the same password for multiple websites, then you are setting yourself up for a world of hurt.

But yea, you should be more worried about keyloggers than anything else.
Back to top
View user's profile Send private message
Blood-
SubscriberSubscriber


Joined: 07 Mar 2009
Posts: 14529
Location: Toronto, Canada

PostPosted: Sat Sep 01, 2012 5:56 am Reply with quote
Hmm, I wonder if I should change my password from "password" to something a little more difficult...
Back to top
View user's profile Send private message My Anime My Manga
egoist
Pirate KingPirate King


Joined: 20 Jun 2008
Posts: 7670

PostPosted: Sat Sep 01, 2012 8:24 am Reply with quote
Blood- wrote:
Hmm, I wonder if I should change my password from "password" to something a little more difficult...


You little liar...
Back to top
View user's profile Send private message My Anime My Manga
Blood-
SubscriberSubscriber


Joined: 07 Mar 2009
Posts: 14529
Location: Toronto, Canada

PostPosted: Sat Sep 01, 2012 7:49 pm Reply with quote
Suckah. Wink
Back to top
View user's profile Send private message My Anime My Manga
Alan45
Village ElderVillage Elder


Joined: 25 Aug 2010
Posts: 3522
Location: Virginia

PostPosted: Sat Sep 01, 2012 9:23 pm Reply with quote
@ Egoist
@ Blood-

Pot meet kettle, Kettle meet pot.
Back to top
View user's profile Send private message
Past



Joined: 14 Feb 2006
Posts: 3121
Location: Seattle bound (soon)

PostPosted: Sat Sep 01, 2012 9:46 pm Reply with quote
Oh so everyone doesn't have different passwords and user names for every site they have to log in to and remembers them all? Laughing
Back to top
View user's profile Send private message Send e-mail My Anime
guildmaster



Joined: 17 Dec 2012
Posts: 325
Location: Hot & Humid FL

PostPosted: Mon Dec 17, 2012 10:50 am Reply with quote
Past wrote:
Oh so everyone doesn't have different passwords and user names for every site they have to log in to and remembers them all? Laughing


Of course not, they are in all of our profiles Razz
Back to top
View user's profile Send private message My Anime My Manga
Tempest
ANN Publisher & CEO


Joined: 29 Dec 2001
Posts: 8533
Location: Do not message me for support.

PostPosted: Mon Dec 17, 2012 6:09 pm Reply with quote
guildmaster wrote:
Of course not, they are in all of our profiles Razz


Ironic that you would post about Necroposting elsewhere...
Back to top
View user's profile Send private message Send e-mail My Anime My Manga
Display posts from previous:   
This topic is locked: you cannot edit posts or make replies.    Anime News Network Forum Index -> Site-related -> Bugs & Technical Questions All times are GMT - 5 Hours
Page 1 of 1

 


Powered by phpBB © 2001, 2005 phpBB Group