Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

+ - Australian Tax Office stores passwords in clear text->

Submitted by
mask.of.sanity
mask.of.sanity writes "The passwords of thousands of Australian businesses are being stored in clear readable text by the country's tax office. Storing passwords in readable text is a bad idea for a lot of reasons: they could be read by staff with ill intent, or, in the event of a data breach, could be tested against other web service accounts to further compromise users.

In the case of the tax office, the clear text passwords accessed a subsection of the site. But many users would have reused them to access the main tax submission services. If attackers gained access to those areas, they would have access to the personal, financial and taxpayer information of almost every working Australian.

Admins should use a strong hash like bcrypt to minimise or prevent password exposure. Users should never reuse passwords for important accounts."

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Australian Tax Office stores passwords in clear text

Comments Filter:

Saliva causes cancer, but only if swallowed in small amounts over a long period of time. -- George Carlin

Working...