×
  • remind me tomorrow
  • remind me next week
  • never remind me
Subscribe to the ANN Newsletter • Wake up every Sunday to a curated list of ANN's most interesting posts of the week. read more

Forum - View topic
A Question for A.N.N. Administrators




Anime News Network Forum Index -> Site-related -> Bugs & Technical Questions
View previous topic :: View next topic  
Author Message
nobahn
Subscriber



Joined: 14 Dec 2006
Posts: 5120
PostPosted: Fri Aug 31, 2012 7:48 pm Reply with quote
I just finished reading this article. This brings me to my question: Does A.N.N. salt and hash the user's passwords? (or are they merely stored as plain text?)
Back to top
View user's profile Send private message My Anime My Manga
egoist



Joined: 20 Jun 2008
Posts: 7762
PostPosted: Fri Aug 31, 2012 7:54 pm Reply with quote
I'd be more worried if they went around revealing this sort of information.
Back to top
View user's profile Send private message My Anime My Manga
Rhyono



Joined: 03 Dec 2011
Posts: 1039
PostPosted: Fri Aug 31, 2012 9:14 pm Reply with quote
Quite frankly, it doesn't matter how ANN has its passwords handled. Your ANN account should not be of enough importance for crackers to bother with.
Back to top
View user's profile Send private message My Anime
Saffire



Joined: 25 Nov 2007
Posts: 1255
Location: Iowa, USA
PostPosted: Fri Aug 31, 2012 10:22 pm Reply with quote
Rhyono wrote:
Quite frankly, it doesn't matter how ANN has its passwords handled. Your ANN account should not be of enough importance for crackers to bother with.
Most people use the same credentials across many accounts. You should always be concerned with what happens if your account is compromised, even on the smallest site.
Back to top
View user's profile Send private message My Anime My Manga
DerekTheRed



Joined: 19 Dec 2007
Posts: 3544
Location: ::Points to hand::
PostPosted: Fri Aug 31, 2012 11:18 pm Reply with quote
Saffire wrote:
Rhyono wrote:
Quite frankly, it doesn't matter how ANN has its passwords handled. Your ANN account should not be of enough importance for crackers to bother with.
Most people use the same credentials across many accounts. You should always be concerned with what happens if your account is compromised, even on the smallest site.
If you are aware of the danger of having the same password across many platforms, you should be aware enough to not do that.
Back to top
View user's profile Send private message My Anime My Manga
Nyorai



Joined: 10 Mar 2007
Posts: 15
PostPosted: Sat Sep 01, 2012 1:59 am Reply with quote
It's almost common practice now a days to use hashing with some type of salt. For this type of site I wouldn't worry. Just make sure you don't use your online banking password on other sites.

If you ever get worried about those reports in the news. It's normally just some novice hacker who stumbled across a bug in the code because some programmer didn't properly check against SQL injections. And even if you can query the database tables you would still need to know the salt or encryption key to get any information. So it's unlikely they will be able to do any real damage.

Most people get their personal information stolen through viruses. Just keep your antivirus up to date you'll be fine.
Back to top
View user's profile Send private message Visit poster's website My Anime
Farix



Joined: 28 Feb 2007
Posts: 152
PostPosted: Sat Sep 01, 2012 5:22 am Reply with quote
The forum software is phpBB2, so the password is hashed by default. And if you use the same password for multiple websites, then you are setting yourself up for a world of hurt.

But yea, you should be more worried about keyloggers than anything else.
Back to top
View user's profile Send private message
Blood-
Bargain Hunter



Joined: 07 Mar 2009
Posts: 23669
PostPosted: Sat Sep 01, 2012 5:56 am Reply with quote
Hmm, I wonder if I should change my password from "password" to something a little more difficult...
Back to top
View user's profile Send private message My Anime My Manga
egoist



Joined: 20 Jun 2008
Posts: 7762
PostPosted: Sat Sep 01, 2012 8:24 am Reply with quote
Blood- wrote:
Hmm, I wonder if I should change my password from "password" to something a little more difficult...


You little liar...
Back to top
View user's profile Send private message My Anime My Manga
Blood-
Bargain Hunter



Joined: 07 Mar 2009
Posts: 23669
PostPosted: Sat Sep 01, 2012 7:49 pm Reply with quote
Suckah. Wink
Back to top
View user's profile Send private message My Anime My Manga
Alan45
Village Elder



Joined: 25 Aug 2010
Posts: 9812
Location: Virginia
PostPosted: Sat Sep 01, 2012 9:23 pm Reply with quote
@ Egoist
@ Blood-

Pot meet kettle, Kettle meet pot.
Back to top
View user's profile Send private message My Anime My Manga
P€|\||§_|\/|ast@



Joined: 14 Feb 2006
Posts: 3498
Location: IN your nightmares
PostPosted: Sat Sep 01, 2012 9:46 pm Reply with quote
Oh so everyone doesn't have different passwords and user names for every site they have to log in to and remembers them all? Laughing
Back to top
View user's profile Send private message Send e-mail My Anime
guildmaster



Joined: 17 Dec 2012
Posts: 355
Location: Hot & Humid FL
PostPosted: Mon Dec 17, 2012 10:50 am Reply with quote
Past wrote:
Oh so everyone doesn't have different passwords and user names for every site they have to log in to and remembers them all? Laughing


Of course not, they are in all of our profiles Razz
Back to top
View user's profile Send private message My Anime My Manga
Tempest
I Run this place.
ANN Publisher


Joined: 29 Dec 2001
Posts: 10419
Location: Do not message me for support.
PostPosted: Mon Dec 17, 2012 6:09 pm Reply with quote
guildmaster wrote:
Of course not, they are in all of our profiles Razz


Ironic that you would post about Necroposting elsewhere...
Back to top
View user's profile Send private message Send e-mail My Anime My Manga
Display posts from previous:   
This topic is locked: you cannot edit posts or make replies.    Anime News Network Forum Index -> Site-related -> Bugs & Technical Questions All times are GMT - 5 Hours
Page 1 of 1

 


Powered by phpBB © 2001, 2005 phpBB Group