Full Disclosure mailing list archives

#warning -- DICE.COM insecure passwords

From: warning () type-error net
Date: Mon, 11 Feb 2013 04:30:29 -0800

job / recruiter website dice.com use ancient crypt() hash function.
passwords limited to seven characters. cracking user passwords quite
simple. be very afraid of future hash / cracked password dump. maybe
dice.com should improve their security to avoid public shaming?

#warning

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

#warning -- DICE.COM insecure passwords warning (Feb 11)
- Re: #warning -- DICE.COM insecure passwords Valdis . Kletnieks (Feb 12)
  - Re: #warning -- DICE.COM insecure passwords Tim (Feb 12)
    - Re: #warning -- DICE.COM insecure passwords Travis Biehn (Feb 12)
    - Re: #warning -- DICE.COM insecure passwords Jeffrey Walton (Feb 12)