From: Eric Hellman <[log in to unmask]>
Date: Tue, 10 Feb 2015 11:31:56 -0500

I've written an article about password security in library databases.

http://go-to-hellman.blogspot.com/2015/02/passwords-are-stored-in-plain-text.html

The number of failing grades (based on a year-old RFP response) is
discouraging. None of the services (including lots of organizations
that should know better!) appear to be handling passwords securely.

The followup to yesterday's NYT article on lax security in library
products might well be about libraries!

http://www.nytimes.com/2015/02/09/technology/uncovering-security-flaws-in-digital-education-products-for-schoolchildren.html

Eric


Eric Hellman
President, Gluejar.Inc.
Founder, Unglue.it https://unglue.it/
http://go-to-hellman.blogspot.com/
twitter: @gluejar