View Single Post
  #8  
Old 4th July 2012, 10:35
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,504
Thanks: 813
Thanked 5,265 Times in 4,129 Posts
Default

I guess if customers would know that plesk stores their passwords unencrypted, then they would switch to a ISP that has higher security standards. Do you remember the bad press when companys lost their user database incl. passwords due to hackers with weak password encryption like linkedin, so everyone could imagine what the users would say if a company says "oh, we lost your passwords and they were not encrypted at all".

I wonder if a company is liable for damages that occur for not taking care of user passwords in a appropriate way, I guess this might be even grossly negligent.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote