18 December 2006


There is never, NEVER, N E V E R a reason to store passwords as clear text in a database. No matter how convenient it is for your own personal preference.

Any aspiring application developers reading this: NEVER. Salt-n-hash is such an easy thing to do in most any language now, and you won't be publicly ridiculed like spez is now.

No comments:

Post a Comment