There's not really much legal liability here - you are storing access to YOUR website and not someone else's, so if you are running a paysite and no one can actually cause any monetary damage to the person with that data, then there's nothing you are liable for. The fact they are maybe using the same password for their email and other sites isn't really your fault nor your problem.
Something like NATS would have to store them as plaintext because not all scripts and programming languages that may authenticate off of the NATS db can work with specific hashing methods.