LISTSERV - LIBLICENSE-L Archives

LIBLICENSE-L Archives

LibLicense-L Discussion Forum

LIBLICENSE-L@LISTSERV.CRL.EDU

	LISTSERV Archives
	LIBLICENSE-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Password security in library databases
From:	LIBLICENSE <[log in to unmask]>
Reply To:	LibLicense-L Discussion Forum <[log in to unmask]>
Date:	Tue, 10 Feb 2015 19:05:22 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (25 lines)

From: Eric Hellman <[log in to unmask]>
Date: Tue, 10 Feb 2015 11:31:56 -0500

I've written an article about password security in library databases.

http://go-to-hellman.blogspot.com/2015/02/passwords-are-stored-in-plain-text.html

The number of failing grades (based on a year-old RFP response) is
discouraging. None of the services (including lots of organizations
that should know better!) appear to be handling passwords securely.

The followup to yesterday's NYT article on lax security in library
products might well be about libraries!

http://www.nytimes.com/2015/02/09/technology/uncovering-security-flaws-in-digital-education-products-for-schoolchildren.html

Eric

Eric Hellman
President, Gluejar.Inc.
Founder, Unglue.it https://unglue.it/
http://go-to-hellman.blogspot.com/
twitter: @gluejar

ATOM RSS1 RSS2

LISTSERV.CRL.EDU