Please Notice: For fastest support from PowerArchiver team, contact us via our Support page

Conexware-Account: Passwords stored cleartext?



  • Hello!
    Sorry for posting this in PA-General, but I haven’t found a better place.
    Last week I had to change my password and about 4 hours later I received an E-Mail from Conexware giving my new Password in cleartext.
    So my question is: are passwords stored in cleartext? If they were stored as salted hashes (as suggested and good practice today) it should not be possible to retrieve my password.
    Things I have checked before posting here:

    1. The mail with my password originates from Conexware (according to headers)
    2. The page I used to change my password was encrypted and belonged to Conexware.
      So it should not be the result of some kind of phising.
      Thanks for a reply!
      A.Borque


  • Hello!
    Your password is not stored in cleartext. Password are stored encrypted. We use strong and secure algorithm for password encryption.
    Accounts are safe.
    Cetko


  • conexware

    @cetko:

    Hello!
    Your password is not stored in cleartext. Password are stored encrypted. We use strong and secure algorithm for password encryption.
    Accounts are safe.
    Cetko

    I cant believe this is Cetko’s first post since he started working here in 2012! Congrats Cetko!


  • conexware

    Welcome Cetko!! Grab a beer and come around often! 😃



  • Thank you guys 😃


  • Alpha Testers

    @cetko:

    Hello!
    Your password is not stored in cleartext. Password are stored encrypted. We use strong and secure algorithm for password encryption.
    Accounts are safe.
    Cetko

    But clearly they’re not stored as a salted hash.

    Where does the decryption key come from to allow you to email the password?


Log in to reply
 

Looks like your connection to PowerArchiver Forums was lost, please wait while we try to reconnect.