Quote:
Originally Posted by The Wind Breezes
You're right. I just performed a packet capture of the site and login credentials are sent in plaintext although the username is hashed to md5. Not so good, and worse, it's hash WITHOUT A SALT! So it would be really easy to decode most user's passwords if you could grab their traffic. Or someone could insert their own page.
|
I don't think the admins are interested in commenting about this.
__________________
"Drive more, worry less. "
435i, MPPK, MPE, M-Sport Line