Password security - concern

    Hello all,
    Recently, someone in my alliance has been e-mailing Sebastian re: trying to remember his login. He informed that he got sent this email:


    This concerns me - first of all, why the developer is asking for the password in the first place? Second of all, if the passwords are stored securely and encrypted, how would he know that the password is legitimate?

    Hi, I'm Cameron.
    I cover the operational area of the West Midlands, Guernsey, Jersey, Warwickshire, Staffordshire and the North West.


    Chief Operations Manager for AllianceUK.

    Adding onto what I said. If this turns out to be true, and passwords are being stored in plain text, this would be a breach of GDPR would it not?

    Hi, I'm Cameron.
    I cover the operational area of the West Midlands, Guernsey, Jersey, Warwickshire, Staffordshire and the North West.


    Chief Operations Manager for AllianceUK.

    Sebastian advises that he did in fact ask for your password through the support email, which does occasionally happen. As for storage, passwords ARE encrypted. He cannot actually read the passwords, he can only verify whether they are valid or not (which is what he will be doing with yours)

    Thank you for this response; my only concern was that some malicious attack could result in plain text passwords being leaked. It's not mine by the way, it's my friends :)

    Hi, I'm Cameron.
    I cover the operational area of the West Midlands, Guernsey, Jersey, Warwickshire, Staffordshire and the North West.


    Chief Operations Manager for AllianceUK.

    Like 1

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!

Register Yourself Login