You are reading a single comment by @hamrack and its replies. Click here to read the full conversation.
  • It looks like the answer to a security question, so I'd be treating it like a password and not storing it in plain text.

    However, even if hashed it's vulnerable if the DB is stolen as the search space for possible answers to security questions is much less than for freely chosen texts of passwords.

    (Unless, of course, your answers to security questions like the city that you were born in are: "#3ak2@}-Zoe29!bb$-")

  • (Unless, of course, your answers to security questions like the city that you were born in are: "#3ak2@}-Zoe29!bb$-")

    Exactly what I have taken to doing. Password manager FTW!

About

Avatar for hamrack @hamrack started