twovests OP wrote
Reply to comment by cute_spider_ni_srsly in You're working for a big company making a new service. Requirement: You need to store passwords in plaintext. Resources: As many as you need. What security measures do you take here? by twovests
Eee I'm so happy someone answered this seriously
cute_spider_ni_srsly wrote
I'm still working on this answer but it is hard.
cute_spider_ni_srsly wrote
Here's the basic pitch:
There are two databases for passwords. One of which is turbo isolated and basically is write-only. Besides the fact that you can write the (decrypted) passwords to it, it basically does nothing. When a plaintext password must be recovered from it, it's a whole process with paperwork.
The server which actually does the password validation, account information, and day-to-day tasks, and which gets interaction from end users, that one does not use plaintext in any way, shape, or form.
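The split described in this comment, as an added example that is not from the thread: a deposit-only escrow (a stand-in for the isolated, paperwork-gated store) beside an account service whose login path uses only salted scrypt hashes. The class and method names are hypothetical.

```python
import hashlib
import hmac
import os


class WriteOnlyEscrow:
    """Hypothetical isolated store: the service can deposit, never read back."""

    def __init__(self):
        self._store = {}
        self._tickets = set()

    def deposit(self, username, password):
        # The only operation the account service ever calls.
        self._store[username] = password

    def issue_ticket(self):
        # Stands in for the out-of-band approval process; one-time use.
        ticket = os.urandom(16).hex()
        self._tickets.add(ticket)
        return ticket

    def recover(self, username, ticket):
        # Recovery needs an unused ticket, and the ticket is consumed.
        if ticket not in self._tickets:
            raise PermissionError("recovery requires an approved ticket")
        self._tickets.remove(ticket)
        return self._store[username]


class AccountService:
    """User-facing service: keeps only per-user salts and scrypt hashes."""

    def __init__(self, escrow):
        self._escrow = escrow
        self._hashes = {}

    @staticmethod
    def _hash(password, salt):
        return hashlib.scrypt(password.encode(), salt=salt,
                              n=2**14, r=8, p=1, dklen=32)

    def register(self, username, password):
        self._escrow.deposit(username, password)  # satisfies the plaintext requirement
        salt = os.urandom(16)
        self._hashes[username] = (salt, self._hash(password, salt))

    def verify(self, username, password):
        # Day-to-day login never touches the escrow; constant-time compare of hashes.
        if username not in self._hashes:
            return False
        salt, expected = self._hashes[username]
        return hmac.compare_digest(expected, self._hash(password, salt))
```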
twovests OP wrote
I like this! You're making the plaintext password just to satisfy the awful requirement and then doing everything else the right way.