-
June 6th, 2006, 11:30 PM
#1
Senior Member
passwords that get sent in plain text?
apparently a lot of services that require a login still handle the username and password as plain text, making it relatively easy to get with a sniffer. i remember a nifty exhibit concerning this at defcon, it was called the "wall of sheep". anyway, i want to know:
1. what services still send passwords out in plain text? if i log in to any web interface that isnt using https or some encryption layer(message boards, web mail, etc.), is my info just being sent in plain text? what about a pop3 email account or a video game like world of warcraft or guild wars?
2. what can a i do about it? is there some kind of personal encryption layer that i could use? i'm not sure if that would work because the server would have to decrypt it on other side.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|