Let's play a little game. I have a list of websites below and what I want you to do is decide whether you think each is safe or not to use (ie. would you login, make purchases from, use their services, etc...). Maybe they look reputable? Maybe you've heard of them before? Maybe you'd expect it to be? You can determine this however you like, which means you don't have to click on any either. I haven't used any URL shortening services nor any forum trickery. The URLs are all posted with [url] tags.
Ready?
1. [url]http://www.du.edu/[/url]
2. [url]http://conduit.com/[/url]
3. [url]http://www.travelocity.com/[/url]
4. [url]http://www.drugstore.com/[/url]
5. [url]http://www.tix.com/[/url]
6. [url]http://mcn.fantasyleague.com/[/url]
7. [url]http://www.jabber.org/[/url]
8. [url]http://nic.io/[/url]
9. [url]http://www.findtuition.com/[/url]
10. [url]http://www.dwyer-inst.com[/url]
11. [url]http://www.tesco.com/[/url]
12. [url]http://www.streamline.net/[/url]
13. [url]http://cvpcorp.com/[/url]
14. [url]http://www.rivosafeguard.com/[/url]
15. [url]https://www.politicopro.com/[/url]
16. [url]http://www.creation.co.uk/[/url]
17. [url]http://www.gourmetads.com/[/url]
18. [url]http://www.mgid.com/[/url]
19. [url]http://www.cdkeys.com/[/url]
20. [url]http://www.flynumber.com/[/url]
21. [url]http://phoenixpubliclibrary.org/[/url]
22. [url]http://www.uk.capgemini.com/[/url]
23. [url]http://thedma.org/[/url]
24. [url]https://www.dmachoice.org/[/url]
25. [url]https://www.ventrachicago.com/[/url]
26. [url]http://ptcb.org/[/url]
27. [url]http://accela.com/[/url]
28. [url]http://www.interparcel.com/[/url]
29. [url]http://talongungrips.com/[/url]
30. [url]http://www.limelight.com/[/url]
Done? Click below.[spoiler]They're all unsafe. Really.
All of these websites store your passwords in plaintext. Meaning, anyone who has access to the database (including if it's compromised like Snapchat or Sony Pictures' were) can read them.
Were you surprised by any that you thought were safe?
Sources: [url]https://defuse.ca/password-policy-hall-of-shame.htm[/url], [url]http://plaintextoffenders.com/[/url][/spoiler]
-
Edited by Progo: 1/20/2014 4:32:07 PMI only allow my financial information on very reputable sites, such as Amazon. Everyone else I manage through PayPal if possible, even though I'm not a huge fan of PP. Which means those sites are given my "tertiary passwords" which will not give them access to anything important.