back to article Gawker makes a hash of non-ASCII characters in passwords

Gawker is phasing out the use of email-address-and-password login in favour of more modern OAuth authentication and the use of anonymous one-off accounts. Tom Plunkett, CTO at Gawker Media, briefly explained the plans in responding to the discovery of another password-related security snafu involving the media news and gossip …

COMMENTS

This topic is closed for new posts.

Shorter Gawker:

"We're completely incompetent at security, so we're outsourcing the problem to a third party too new to have ruined its reputation yet."

0
0
Boffin

You are the weakest link, hello.

Just goes to show that no matter how security-smart you are when selecting a password or configuring your router for WPA2, all it takes is one ignorant and lazy programmer who's decided to ignore UTF-8 in the global marketplace because it complicates his simple understanding of coding for a 7-bit world, and you're about as secure as an English air-to-the-throne being escorted by police outriders and royal guards through a student protest to an annual variety performance.

Poke these programmers with a wooden stick!

0
0

CTO is a lucky fellow

Quite interesting that this plunker is still employed there considering how thin skinned Denton is.

0
0
Pint

Speaking of " failing to handle non-ASCII characters in passwords "

over Christmas my all-non-ascii elReg password stopped working. Necessitating a return to a boring old ascii letters and numbers jobby. There were all sorts of other site errors too. Just had to drink beer without watching the world go by. sniff.

0
0
Thumb Up

Already started

I forgot my new Gawker password yesterday, and was prompted to use a burner to get back in.

0
0
This topic is closed for new posts.

Forums