
World's Largest Wi-Fi Network Keeps Passwords in Plain Text

124 points, by legierski, over 13 years ago

10 comments

petenixey, over 13 years ago
Most people are arguing that a password shouldn't ever be recoverable and that "even root level access should not grant you passwords".

This feels like shaky logic though. Hashing is a good defence against DB harvesting, but it doesn't stop a root-level admin from listening to inbound unencrypted logins. Prolonged root access is therefore still a viable attack vector. The question is only how quickly you can harvest those passwords.

Other people are arguing that with sufficient decoupling and safeguards between the encryption key and the database there is an acceptable risk associated with storing a password.

Since services like Yodlee clearly do store passwords, this is something that companies do address. Could someone who really knows this area well please describe how this is done in a way that minimises risk, and how the risk compares to traditional one-way hashing?
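To make the distinction the thread keeps circling back to concrete (what a harvested table yields versus what the login path sees), here is an added example that is not from the thread or from any of the services named in it. It puts a recoverable plain store beside a salted PBKDF2 store; the iteration count is an illustrative work factor chosen for this example.

```python
import hashlib
import hmac
import os

# Constructed example: two credential stores with the same login interface.
# PlainStore is the recoverable design criticised in the thread; HashStore keeps
# only a salt and a PBKDF2-HMAC-SHA256 digest, so its rows never hold the password.
ITERATIONS = 200_000  # illustrative work factor, not a recommendation


class PlainStore:
    """Keeps the password itself: logins verify, and it can be sent back by email."""

    def __init__(self):
        self.rows = {}

    def register(self, user, password):
        self.rows[user] = password

    def verify(self, user, password):
        return hmac.compare_digest(self.rows.get(user, "").encode(), password.encode())

    def recover(self, user):
        return self.rows.get(user)


class HashStore:
    """Keeps salt + digest: logins verify, but nothing can be recovered for an email."""

    def __init__(self):
        self.rows = {}

    @staticmethod
    def _digest(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

    def register(self, user, password):
        salt = os.urandom(16)
        self.rows[user] = (salt, self._digest(password, salt))

    def verify(self, user, password):
        # The handler still receives the plaintext here: hashing protects a
        # harvested table, not a login path watched by someone with root.
        if user not in self.rows:
            return False
        salt, stored = self.rows[user]
        return hmac.compare_digest(stored, self._digest(password, salt))

    def recover(self, user):
        return None  # the password was never kept, so there is nothing to send


def dump_contains(store, secret):
    """Model a harvested table: does any stored row expose the secret as-is?"""
    return any(secret in str(row) for row in store.rows.values())
```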
ch0wn, over 13 years ago
I can't believe that this is still common practice in some large-scale businesses. In my imagination of a perfect world, I would never get in touch with a user's plain-text password at all.
JTxt, over 13 years ago
Yes. It's way too common and sickening.

I first reported a similar issue to Rackspace Cloud on 2/2/2010:

http://feedback.rackspacecloud.com/forums/71021-product-feedback/suggestions/1154383-do-not-send-root-password-by-email-

They still email new VPS ROOT passwords with IP addresses. (At least they said they would fix it about 2 months ago.)

Perhaps there aren't enough people that are bothered by this? There is this site: http://plaintextoffenders.com/
Nicolas___, over 13 years ago
Being able to provide you with your password in plain text doesn't mean it's stored in plain text. There are very efficient and secure encryption algorithms out there that are reversible.

Of course, sending passwords in an unencrypted email is bad practice, but that's another story.
johnnygoods, over 13 years ago
Had a similar experience with Dreamhost about 2 years ago. I sent them an email pointing out the insecurity of sending passwords in an unencrypted email, but they seemed to feel that their customers "appreciated" the ease of password recovery over security.
kayoone, over 13 years ago
They can still have some kind of encryption algorithm in place to encrypt/decrypt passwords in their database. That said, sending the passwords out in plain text via email isn't particularly secure either.
pr0filer_, over 13 years ago
While sending passwords in plain text via e-mail is something that should be frowned upon, the e-mail itself is not evidence that they store your password in plain text.
alvarosm, over 13 years ago
Password issues aside, Fon is a scam by a con artist. Just stop using it...
va_coder, over 13 years ago
How about playing the devil's advocate. How many people here own homes without a security system, or don't use that system every day? It can be a pain turning the system off and on every time you leave the house.

If you were in the physical security business and knew of all the violence that occurs in society, you would think it's crazy to not own a security system and not use it every day.

Now put yourself in the shoes of a non-technical person and you can see how convenience sometimes trumps security.

Sidenote: I love asking people in the computer security business about what kind of physical security system they use at home. Most don't use one.
muyuu, over 13 years ago
Unwarranted paranoia.

The worst thing that can happen here is that somebody connects to your wifi. If someone can read your email and is in the vicinity to connect to your wifi, the least of your problems is that he or she does connect to your wifi.

Also, as pointed out by others, this doesn't mean it's stored in plain text. Any time you set a password it travels in plain text (typically, and hopefully, via a secure connection) and it arrives at their server in plain text. You are never sure they are immediately storing it properly encrypted in a DB. They can also be doing things like sending it in emails or storing it elsewhere. If you cannot trust your password to whoever is storing it, you are basically f***ed. BTW, what do you think they might do whenever you enter the wrong password on the wrong site? (For instance, your email password.)