Quote:
Originally Posted by mtn335
My biggest concern about RefPay is that I've heard Arbiter stores passwords in plaintext. That seems like a scary thing when related to anything to do with banking or money.
|
Quote:
Originally Posted by BktBallRef
That's not true. It's no different than logging into the Arbiter. That password appears as ....... except for the last character keyed, visible for a few seconds.
|
That isn't what he's talking about. He's referring to how passwords are stored in the system's database. There are good ways to do it with varying levels of security but storing them in plaintext is the absolute worst way.
I can't say for sure how they actually do it, but if a system can email you your password when you forget, then they might not be storing it in plaintext but are definitely not doing it the best way.