Reply to post: Unencrypted passwords in user profiles

College PRIMOS prankster wreaks havoc with sysadmin manuals

Gene Cash Silver badge

Unencrypted passwords in user profiles

I remember when my community college (step below a state university) switched from a punched-card machine to a Data General (MV?) box (remember them?) in the mid-80s. I was learning FORTRAN on it. We could still get packs of punch cards with the college logo in the vending machines.

It was running some flavor of DG/UX. I was messing around and discovered where my "user profile" was stored, so I looked at it with a hexdump. And the first part of the file was my unencrypted password. Seriously.

Yeah... when I mentioned that to people, it went to hell in a handbasket pretty quick.

Edit: now that I think about it, this must have been something locally written, not part of DG/UX. DG was smarter than that.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020