If you forget your password for a website and you click [Forgot my password], sometimes the company sends you a new password by email but sometimes it sends you your old password by email. Compare these two cases in terms of vulnerability of the website owner
What will be an ideal response?
If
the
site
tells
you
what
your
password
was,
that
means
the
site
is
storing
your
password
rather
than
just
a
hash
of
it.
This
means
that
anyone
who
gains
access
to
the
site's
password
database
has
access
to
all
the
passwords.
If
the
site
sends
you
a
temporary
password,
there
is
a
good
chance
it
is
not
storing
actual
passwords,
which
is
the
correct
approach
from
a
security
perspective.
You might also like to view...
Which formatting applied to a document sets the equivalent of a blank line between each pair of text lines?
A) single-spacing B) double-spacing C) 1.5 spacing D) triple-spacing
The World Wide Web is a collection of HTML documents, images, videos, and sound files that can be linked to each other and accessed over the Internet using a protocol called _____.
A. HTTP B. HTML C. FTP (file transfer protocol) D. IP