From: Eric Hellman <[log in to unmask]> Date: Tue, 10 Feb 2015 11:31:56 -0500 I've written an article about password security in library databases. http://go-to-hellman.blogspot.com/2015/02/passwords-are-stored-in-plain-text.html The number of failing grades (based on a year-old RFP response) is discouraging. None of the services (including lots of organizations that should know better!) appear to be handling passwords securely. The followup to yesterday's NYT article on lax security in library products might well be about libraries! http://www.nytimes.com/2015/02/09/technology/uncovering-security-flaws-in-digital-education-products-for-schoolchildren.html Eric Eric Hellman President, Gluejar.Inc. Founder, Unglue.it https://unglue.it/ http://go-to-hellman.blogspot.com/ twitter: @gluejar