Re^3: What happened?

http://www.perlmonks.org?node_id=784266

in reply to Re^2: What happened?
in thread What happened?

Evidently they were stored plain text. Until someone updates the users that the breach has been closed and the passwords are actually being stored in a sane manner, you should expect that people who care to do so have full access to your profile.

Comment on Re^3: What happened?

Replies are listed 'Best First'.
Re^4: What happened? by Juerd (Abbot) on Jul 29, 2009 at 15:35 UTC
Yes, but still people should change their passwords now. And again when the problems have been fixed. If your password is listed, anyone can use your password to change your posts, or worse: change your password so you can't change it yourself, later. If you change it now, your new (temporary) password would still be stored in clear text, on a possibly insecure host (although apparently the passwords were stolen from a disused server), but getting it would require significant effort as opposed to just reading a magazine that has probably been copied over a million times already.	[reply]
Re^5: What happened? by Anonymous Monk on Jul 30, 2009 at 03:23 UTC
users who havent logged into perlmonks in over a year should have their passwords changed by gods	[reply]

In Section Perl Monks Discussion