- From: Elliotte Harold <elharo@metalab.unc.edu>
- Date: Thu, 09 Oct 2008 08:13:47 -0700
- To: noah_mendelsohn@us.ibm.com
- Cc: Jonathan Rees <jar@creativecommons.org>, David Orchard <orchard@pacificspirit.com>, "www-tag@w3.org" <www-tag@w3.org>
noah_mendelsohn@us.ibm.com wrote:
> Jonathan Rees suggests:
>
>> "Good practice: Clear text passwords are a serious security risk.
>> Transmit passwords in the clear only in applications that do not
>> require any assurance of security."
>
> I'm sympathetic to your attempt to come up with something, but I think
> this misses an important nuance that is mentioned in the draft minutes of
> our meetings. As I understand it, one concern is with the risk that
> novices will use the same password for multiple applications. So, you
> deploy the "birthday party registration application" for your child, and
> decide that pwds in the clear are just fine for that. Unbeknownst to you,
> those registering for the birthday party use the same password as for
> their bank account. Nefarious network sniffers pick up the pwd from the
> birthday login, and use it to empty the bank account.

Previously I thought cleartext passwords were sometimes OK along the lines you suggest, but you've now convinced me otherwise. I now think the only reasonable answer is that clear text passwords are never acceptable. Full stop. Any suggestion that they might be acceptable in some circumstances is irresponsible. We need to bite the bullet and accept that.

> "Good practice: Clear text passwords are a serious security risk. Transmit
> passwords in the clear only in applications that do not
> require any assurance of security, and when users are aware of the risks."

Don't we know by now that all users are never aware of the risks? Let's stop trying to put lipstick on this pig. Cleartext passwords don't work. They are dangerous and we need to deprecate them.

--
Elliotte Rusty Harold  elharo@metalab.unc.edu
Refactoring HTML Just Published!
http://www.amazon.com/exec/obidos/ISBN=0321503635/ref=nosim/cafeaulaitA
Received on Thursday, 9 October 2008 15:14:24 UTC
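The exposure Noah describes in the thread above (a password sent over plain HTTP is readable by anyone on the network path, and a reused one then unlocks other accounts) is something a site operator can check for directly in a proxy log or packet capture. The Python audit below is an added example, not part of this thread or of any W3C work; it walks a list of captured requests (constructed sample data, not real traffic) and flags the three common ways a credential travels in the clear: an `Authorization: Basic` header, a password-like field in a URL-encoded form body, and a password-like parameter in the query string. The names `PASSWORD_FIELD_NAMES`, `audit_capture`, `find_cleartext_credentials` and the host `party.example` are the example's own assumptions.

```python
import base64
import binascii
from urllib.parse import parse_qs, urlsplit

# Field names commonly used for a password in HTML login forms (assumption:
# extend this set to match the forms deployed in your own environment).
PASSWORD_FIELD_NAMES = {"password", "passwd", "pwd", "pass", "secret"}

# Constructed sample of requests as a passive observer on the network path
# would see them. TLS-protected requests appear with scheme "https" and no
# readable content, because the observer cannot read them.
SAMPLE_CAPTURE = [
    ("http", "POST /register HTTP/1.1\r\nHost: party.example\r\n"
             "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
             "name=alice&password=hunter2"),
    ("http", "GET /api/guests HTTP/1.1\r\nHost: party.example\r\n"
             "Authorization: Basic YWxpY2U6aHVudGVyMg==\r\n\r\n"),
    ("http", "GET /login?user=bob&pwd=letmein HTTP/1.1\r\nHost: party.example\r\n\r\n"),
    ("http", "GET /index.html HTTP/1.1\r\nHost: party.example\r\n\r\n"),
    ("https", None),
]


def parse_http_request(raw):
    """Split a raw HTTP/1.x request into (method, target, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers, body


def _password_params(query):
    """Yield (source, username_guess, password) for password-like parameters."""
    params = parse_qs(query, keep_blank_values=True)
    user = None
    for key in ("user", "username", "login", "email", "name"):
        if key in params:
            user = params[key][0]
            break
    for field, values in params.items():
        if field.lower() in PASSWORD_FIELD_NAMES:
            yield ("form-field:" + field, user, values[0])


def find_cleartext_credentials(raw):
    """Return a list of (source, username, password) exposed by one request."""
    method, target, headers, body = parse_http_request(raw)
    found = []

    # HTTP Basic authentication: base64(user:password) in the Authorization header.
    auth = headers.get("authorization", "")
    if auth.lower().startswith("basic "):
        try:
            decoded = base64.b64decode(auth[6:].strip(), validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            decoded = ""
        if ":" in decoded:
            user, _, password = decoded.partition(":")
            found.append(("basic-auth", user, password))

    # Credentials placed in the query string of the request target.
    found.extend(_password_params(urlsplit(target).query))

    # Credentials in a URL-encoded form body (the usual login form submission).
    ctype = headers.get("content-type", "").split(";")[0].strip().lower()
    if ctype == "application/x-www-form-urlencoded":
        found.extend(_password_params(body))

    return found


def audit_capture(capture):
    """Report every plain-HTTP request in the capture that exposed a credential.

    Returns a list of dicts. Entries with scheme "https" are skipped because
    their content is not observable on the wire.
    """
    findings = []
    for index, (scheme, raw) in enumerate(capture):
        if scheme != "http" or raw is None:
            continue
        exposures = find_cleartext_credentials(raw)
        if exposures:
            method, target, headers, _ = parse_http_request(raw)
            findings.append({
                "index": index,
                "host": headers.get("host", ""),
                "request": f"{method} {target}",
                "exposures": exposures,
            })
    return findings


if __name__ == "__main__":
    for finding in audit_capture(SAMPLE_CAPTURE):
        print(f"#{finding['index']} {finding['host']} {finding['request']}")
        for source, user, password in finding["exposures"]:
            print(f"    {source}: user={user!r} password={password!r}")
```

Run against the constructed capture, the audit reports the form submission, the Basic header and the query-string login, and stays silent on the plain page fetch and on the TLS entry. The point of the silence on the `https` entry is the one the thread makes: the same three requests over TLS give a passive observer nothing to harvest, so a rule of "never in the clear" is enforceable by checking that this report comes back empty.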