Why are plain text passwords bad, and how do I convince my boss that his treasured websites are in jeopardy?

Backend · unresolved · 9 answers · 2170
慢半拍i 2020-11-27 15:53

I've always been of the impression that storing passwords in a database as plain text is (as someone else here put it) a Very Bad Thing™.

Historically, most of our

9 answers
  •  迷失自我
    2020-11-27 16:22

    In the military it's called "Defense in Depth". The theory is that you harden every layer you can rather than hardening just one layer and hoping it's enough.

    I've heard databases like yours called "hard on the outside, soft and chewy on the inside". There are a million ways a dedicated hacker can get access to your database. Social engineering, a disgruntled employee, an ex-employee who decides to see if his login still works, or that backdoor he wrote is still there, one missed OS patch... the list goes on.

    If a bad actor gets access through any of these methods, instead of just getting the data, he gets access to every username/password combination of every user of your system, and as someone pointed out, people often use the same combo for every website. So your hacker goes out and owns hundreds of people's PayPal, email, and bank accounts.

    Have I painted a gruesome enough picture yet?
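    The two tables the answer contrasts, as an added example that is not part of the original answer: the plaintext users table the question describes beside a hashed one, with a function that simulates the breach and checks whether a dump of each table hands the attacker the password itself. The in-memory dicts standing in for the database and the choice of PBKDF2-HMAC-SHA256 from Python's standard library are my assumptions; bcrypt, scrypt or Argon2 would serve the same purpose.

```python
"""
Added example (not code from the original question or answer).

Assumptions: a dict stands in for the users table, and PBKDF2-HMAC-SHA256
(hashlib.pbkdf2_hmac) stands in for whatever password hash the reader's
stack provides.
"""
import hashlib
import hmac
import os

# OWASP's current guidance for PBKDF2-HMAC-SHA256 is 600,000 iterations.
ITERATIONS = 600_000
SALT_BYTES = 16

# --- "Soft and chewy": the table the question describes --------------------
plaintext_users = {}  # username -> password


def register_plaintext(username, password):
    plaintext_users[username] = password  # a dump of this *is* a credential list


def login_plaintext(username, password):
    return plaintext_users.get(username) == password


# --- Hardened: per-user random salt + deliberately slow keyed hash -----------
hashed_users = {}  # username -> {"salt": bytes, "iterations": int, "hash": bytes}


def hash_password(password, salt, iterations=ITERATIONS):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def register_hashed(username, password):
    salt = os.urandom(SALT_BYTES)  # fresh per user: same password != same hash
    hashed_users[username] = {
        "salt": salt,
        "iterations": ITERATIONS,
        "hash": hash_password(password, salt),
    }


def login_hashed(username, password):
    rec = hashed_users.get(username)
    if rec is None:
        # Hash anyway so an unknown user costs the same time as a wrong password.
        hash_password(password, b"\x00" * SALT_BYTES)
        return False
    candidate = hash_password(password, rec["salt"], rec["iterations"])
    # Constant-time comparison: no timing leak on how many bytes matched.
    return hmac.compare_digest(candidate, rec["hash"])


def dump_reveals_password(table, password):
    """Simulate the breach in the answer: does a dump of this table contain
    the password itself, ready to replay against PayPal, e-mail and the like?
    Works for both table shapes above (str rows or dict rows)."""
    needle = {password, password.encode("utf-8")}
    for row in table.values():
        cells = [row] if isinstance(row, str) else list(row.values())
        if any(cell in needle for cell in cells):
            return True
    return False


if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed sample password
    register_plaintext("alice", pw)
    register_hashed("alice", pw)
    register_hashed("bob", pw)
    print("plaintext dump leaks password:", dump_reveals_password(plaintext_users, pw))
    print("hashed dump leaks password:   ", dump_reveals_password(hashed_users, pw))
    print("alice and bob share a hash:   ",
          hashed_users["alice"]["hash"] == hashed_users["bob"]["hash"])
```

    With the hashed table, a stolen dump still forces the attacker to guess each user's password separately at 600,000 hash iterations per guess, and because the salts differ, alice and bob reusing the same password does not even show up as identical rows. Nothing here removes the other layers the answer lists; it just stops a single database leak from becoming hundreds of account takeovers elsewhere.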
