GoFuckYourself.com - Adult Webmaster Forum - View Single Post

rowan · 02-29-2016, 10:22 AM

Reminds me a little of my bank.

Password length must be 6 characters exactly, letters and numbers only.

A few years ago they changed from a standard web field to an "onscreen keyboard" that you have to click to enter the password. It only lets you enter upper case, but there were no problems with logging me in, even though my password (previously entered with the keyboard) was mixed case. If they were using hashes, there's no way that the uppercase version I entered would match the stored mixed case password. Wouldn't be unreasonable to guess they could be storing the pass in plain text format. Then again, maybe they have some o' dat special decryption algorithm + salt

02-29-2016, 10:22 AM
rowan Too lazy to set a custom title Join Date: Mar 2002 Location: Australia Posts: 17,373	Reminds me a little of my bank. Password length must be 6 characters exactly, letters and numbers only. A few years ago they changed from a standard web field to an "onscreen keyboard" that you have to click to enter the password. It only lets you enter upper case, but there were no problems with logging me in, even though my password (previously entered with the keyboard) was mixed case. If they were using hashes, there's no way that the uppercase version I entered would match the stored mixed case password. Wouldn't be unreasonable to guess they could be storing the pass in plain text format. Then again, maybe they have some o' dat special decryption algorithm + salt