View Single Post
Old 4th July 2012, 11:35
till till is offline
Super Moderator
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,022
Thanks: 840
Thanked 5,655 Times in 4,464 Posts

I guess if customers would know that plesk stores their passwords unencrypted, then they would switch to a ISP that has higher security standards. Do you remember the bad press when companys lost their user database incl. passwords due to hackers with weak password encryption like linkedin, so everyone could imagine what the users would say if a company says "oh, we lost your passwords and they were not encrypted at all".

I wonder if a company is liable for damages that occur for not taking care of user passwords in a appropriate way, I guess this might be even grossly negligent.
Till Brehm
Get ISPConfig support and the ISPConfig 3 manual from
Reply With Quote