No, storing any part of customers' passwords in plaintext is not okay even if you think your security is "amazingly good."https://motherboard.vice.com/en_us/article/7xdeby/t-mobile-stores-part-of-customers-passwords-in-plaintext-says-it-has-amazingly-good-security …
-
-
I'm guessing that part of the reason for this is that long long ago RADIUS couldn't handle encrypted passwords in the user database if you used CHAP on the wire & no one there ever saw a reason to do it differently
-
There was never any legitimate reason to use CHAP on the wire. GSM already authenticated the customer.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.