

MyPasswordBuddy: An incredibly insecure password manager - caryme
http://www.mypasswordbuddy.com/
I happened across this site today and made an account for kicks. There is no https, your user password is stored in the clear, and in my short time on the site I got a database error.<p>I hope no one uses it.
======
lurkinggrue
I try to add an account and all I get is:

Microsoft OLE DB Provider for SQL Server error '80040e14'

Incorrect syntax near ','.

/web/admin/onlinepasswordmanager/default.asp, line 1039

------
thepsi
They offer an optional extra feature (paid) that I wasn't expecting:

<http://www.mypasswordbuddy.com/web/admin/>

------
patrickS
Better to use offline password management like Sticky Password.

<http://www.stickypassword.com>

------
teuobk
I'm a bit confused: is this meant to promote the site or to criticize it?

~~~
clistctrl
it seems to be vulnerable to sql injection... so my guess is criticize

~~~
Nyarly
"Hey! Tell me all your passwords and the sites they're associated with!" And
you're worried about sql injection?

------
markgamache
No SSL. Sign me up!

------
EvanK
i also love how they're shamelessly stealing their graphics from fallout 3

