Comment Thinkpad X220T (Score 1) 300
Comment Re:Not for me. (Score 1) 47
Comment Re:Beware the writing. (Score 1) 130
Comment Re:There's a little flaw in the setup (Score 1) 126
Comment Re:"Who cares" level of password (Score 2) 102
Does the site offer/store anything that would be worth the effort of creating a password worth caring about?
As a CSDN user, I'd say : No.
Still, it doesn't prevent millions of users, who are too 'busy' to even bother use a dummy password, from actually using their main passwords (web banking, email etc.) on the AD riddled forum.
Comment Re:I've never understood clear text passwords (Score 2, Informative) 102
It's sooooo easy to md5 a password before doing anything with it. md5 it in javascript and never bother collecting the clear text, is it the most secure ever? probably not. Is it a billion times better than cleartext and unbelievably easy? Yes.
Actually, doing MD5 on a client side script is severe no-no if it were the only form of authentication. A hacker could simply run a script running through all 16^32 possiblities of the MD5 hash instead of the almost infinite possiblities of the original password. Doing a client side MD5 actually weakens many passwords instead of strenthening them. You're left with something around an 18 character alpha-numeric-symbol password - no matter how long or difficult your original password was.