Ask HN: Should my domainhost be storing passwords in cleartext? | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

		Ask HN: Should my domainhost be storing passwords in cleartext?
		4 points by detritus on Nov 26, 2020 \| hide \| past \| favorite \| 2 comments

		My domain provider asked me for the first four letters in my password when I contacted them on the phone earlier, to try and resolve a problem at their end. Presumably that means they store passwords in clear text, right? If so - that's... well, bad - isn't it?

mtmail on Nov 26, 2020 [–]

Bad and sadly still happening https://plaintextoffenders.com/

detritus on Nov 26, 2020 | [–]

Ha!

And there is the offending company, on line 4501.

https://github.com/plaintextoffenders/plaintextoffenders/blo...

Added in 2015.

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact