How does Nabble store passwords?
Nabble is a public forum where all users’ messages are public records. With Nabble, your user account is for public posting and identification, and contains no valuable private information. Because of this public nature, we do not see a need to encrypt passwords. Your password is stored in our secure database but is not encrypted. If you forget your password, you can retrieve it through our website and the password will be emailed to you in clear text.
This decision, presumably brought to you by some high-on-architecture zealot trying to prove a point…
2 Comments
The only case in which encrypted password storage matters is when you trust the app but not the database (theft being the most common risk). Doesn’t protect against much else though (q.v. /etc/shadow). Transmission of cleartext passwords, however, is just bad. The series of tubes should not be trusted not to leak.
It’s not an issue of trust. Storing passwords as a one way hash simplifies who you have to trust.
To complicate things with micro-managing issues of trust, you have to consider everyone that might access that database. That’s every programmer, support person, manager and the potential malicious intruder. What about present or future features that decide to email passwords out to existing users, over plaintext or otherwise? That opens up users to identity theft and further cost from id theft. There are many reasons why it is not good to store passwords this way.
It’s not enough that storing passwords in plain text is bad though. It’s harder and more costly to implement a one way hash. Implementing a one way hash system in a very secure, reliable and robust fashion is even harder. You can argue the cost to benefit issue, but it isn’t an issue of trust, it’s an unfortunate issue of cost – one that isn’t taken seriously enough, in my opinion.
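As an added illustration (not code from the post, its commenters, or Nabble), the following contrasts the plaintext scheme the quoted FAQ describes with the salted one-way hash the comment argues for, including why a hashed scheme cannot "email the password back" and must issue a reset token instead. The iteration count, the in-memory dictionaries and the sample passwords are assumptions constructed for the example.

```python
import hashlib
import hmac
import os
import secrets

# Constructed in-memory "database": username -> record. This is an added
# illustration, not Nabble's code. In the plaintext scheme the record *is*
# the password; in the hashed scheme it is (salt, iteration count, digest).
ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumption; tune for your hardware)

def store_plaintext(db, user, password):
    """The scheme the quoted FAQ describes: anyone who can read the
    database (or any support tool that reads it) can read every password."""
    db[user] = password

def hash_password(password, salt=None, iterations=ITERATIONS):
    """One-way, salted, slow hash. The per-user salt makes identical
    passwords hash differently and defeats precomputed tables."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, iterations, digest

def store_hashed(db, user, password):
    db[user] = hash_password(password)

def verify_hashed(db, user, candidate):
    """Recompute with the stored salt and compare in constant time."""
    rec = db.get(user)
    if rec is None:
        return False
    salt, iterations, digest = rec
    _, _, cand = hash_password(candidate, salt, iterations)
    return hmac.compare_digest(cand, digest)

def recover_plaintext(db, user):
    """What 'emailed to you in clear text' requires: the secret itself."""
    return db[user]

def start_reset_hashed(db, user, reset_tokens):
    """With a one-way hash there is nothing to email back, so a reset
    issues a random, single-use token instead of the password."""
    token = secrets.token_urlsafe(32)
    reset_tokens[token] = user
    return token
```

Note that with the hashed scheme a database read yields only salts and digests, so the "every programmer, support person, manager and intruder" problem from the comment collapses to protecting the verification code path.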