
Uh... the code in question is retrieving those passwords and emailing them over unencrypted SMTP. How is that design improved by the use of key rotation or "hardware security modules"?


By using an HSM you store the encryption key on a separate hardware device. I am already assuming that if you want to implement something like this you will encrypt the passwords. Thus the problem is knowing where to put the keys.



