The Down Range Forum

Member Section => Down Range Cafe => Topic started by: alfsauve on November 26, 2014, 02:12:52 PM

Title: USPSA Database Hacked
Post by: alfsauve on November 26, 2014, 02:12:52 PM

They've shut down the web site.    If you use the same id/pwd on their site as others you'll want to change your password on ALL the other sites.

No one should store actual passwords.   They should only store hash codes that cannot be hacked.

http://www.brianenos.com/forums/index.php?showtopic=205850&hl= (http://www.brianenos.com/forums/index.php?showtopic=205850&hl=)

Title: Re: USPSA Database Hacked
Post by: brushmore on November 26, 2014, 02:40:58 PM

Quote

No one should store actual passwords.   They should only store hash codes that cannot be hacked.

As a programmer, I am just dumb founded that fellow programmers still do things this stupid.  It ain't that hard people!

Title: Re: USPSA Database Hacked
Post by: ExurbanKevin on November 26, 2014, 07:14:43 PM

Hacking the database and changing your scores...

... well, that's one way to make GM. ;)

Title: Re: USPSA Database Hacked
Post by: tombogan03884 on November 28, 2014, 09:18:23 AM

Quote from: brushmore on November 26, 2014, 02:40:58 PM

As a programmer, I am just dumb founded that fellow programmers still do things this stupid.  It ain't that hard people!

If you follow security issues in that industry you know that the number 1 security issue is user laziness.
Many, even those who should know better don't even change default access codes.