Can administrators actually see plain text of passwords?

How are they stored in the board?

Thanks...

Can administrators actually see plain text of passwords? No.

How are they stored in the board? Your password is not stored. The MD5+salt hash of your password (a one-way function) is stored, and is compared to the MD5+salt hash of the password you enter each time you log in. It is not possible (with current technology) to reverse an MD5+salt hash back to a plaintext password.

Passwords are stored in a salted MD5 Hash string (based on a 128-bit encryption key). They are not visible in plain text to administrators anywhere on our servers. When you log in, your password is not decrypted. Instead, the password you enter is run through the hash tool, and then the results are compared against the value stored table. If they match, you are logged in.

Basically, it is as secure as we can make it within commercially reasonable restrictions.

Apparently Andrew and I were posting at the same time...

Apparently Andrew and I were posting at the same time...

Thanks to both you and Tony for taking the time to educate me on this matter.

I am in the process of expanding my online accounts, and it made me think about what kinds of passwords to use where. It made me wonder how 'safe' it would be to duplicate passwords across different applications.

See my upcoming past in Tech section for more info. :)