Re: Unencrypted passwords in user profiles
DG was pretty smart.
But in their own AOS/VS operating system, one had the option to create a user account with unencrypted password. This led to an odd case on a contract where I worked: I arrived to find the staff trying to figure out why our admins could log in to server X, but the users couldn't. Our privileged accounts all had encrypted passwords, so I suspected a failure in the EXEC process, which managed logins (and spooling). We confirmed that accounts with encrypted passwords could log in, accounts with unencrypted passwords could not, and we copied over a good version of EXEC.EXE, which fixed the problem.
And I must admit that the unencrypted password did come in handy for pranking once, when we were challenged to test the security of an adjoining network--one of our sometime co-workers had (having moved from the contract) an account with unencrypted password on a machine we had access to. We did no damage, but we made it clear that we could log in as him.