[Owasp-topten] Insecure Cryptographic Storage

Zaki Akhmad zakiakhmad at gmail.com
Fri Apr 3 11:40:21 EDT 2009


Hello,

I'm back to ask again :-)

Is it true that end user will never know that his/her password is
stored whether in plain text or cipher text? Unless he/she knows how
the program store the password and to get know it, the user should get
access to the source code.

CMIIW
-- 
Zaki Akhmad


More information about the Owasp-topten mailing list