Hacker News new | comments | show | ask | jobs | submit login
Ask HN: Does Pandora Store Plaintext passwords?
19 points by jmediast on Apr 4, 2012 | hide | past | web | favorite
If you check out your account on pandora.com, you can see your plaintext password in the password box (value="MY_PASSWORD").

I don't think Pandora would store it as plaintext... rather I hope they wouldn't. My guess is that they may encrypt it, but not hash it? Or it's potentially saved from the POST and not kept in their database?

Is there ever a good case to encrypt a password instead of storing a hash? Anyone know if Pandora encrypts it, stores it as plaintext, or is just capturing the POST? If they are capturing the POST, again, why? Is there any reason to do that, UI or otherwise?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact