Secure Password Storage
Re: Secure Password Storage
12-06-2018 8:38 AM
Hiya, @malky3200 - nice to see you pop up again!
Re: Secure Password Storage
13-06-2018 8:08 AM - edited 13-06-2018 8:09 AM
I think encrypted data isn't always reversible, but often it can be.
I've just been onto the HMRC website this morning to try to sort some tax stuff out, and when you register for new services it sends a text to your phone. Now they are going to post me another code - for some reason they post another code, don't ask me why, only post.
Which will take another 7 working days. Annoyingly I want to get it done this morning just to get through something on my ever-expanding list of things to do today, but it looks like it'll take another week now *sigh*.
I know companies use three-factor authentication with VPNs now. With one of mine we had a VPN key fob, plus another code would be texted to the company phone, which you also needed. I suppose they have to be careful with their databases being hacked, and if they are, the information is of no use to the people who obtained it.
Re: Secure Password Storage
13-06-2018 8:08 PM
@Alex wrote:
I think encrypted data isn't always reversible, but often it can be.
What's the point of encrypting something that no-one will be able to decrypt and read? There isn't any, it's nonsense, it's not encryption. The point of encryption is that someone, with the decryption key, will be able to decrypt and read it.
Re: Secure Password Storage
13-06-2018 8:21 PM
@ejs wrote:
@Alex wrote:
I think encrypted data isn't always reversible, but often it can be.
What's the point of encrypting something that no-one will be able to decrypt and read? There isn't any, it's nonsense, it's not encryption. The point of encryption is that someone, with the decryption key, will be able to decrypt and read it.
So that you only compare whether the new encrypted value matches the original encrypted value. Ideal for passwords, as it means you never decrypt the original (it's impossible to do so).
https://en.wikipedia.org/wiki/Cryptographic_hash_function
Re: Secure Password Storage
14-06-2018 8:39 AM - edited 14-06-2018 8:51 AM
That's hashing not encryption. There is quite a difference.
Re: Secure Password Storage
14-06-2018 9:05 AM
1. This topic is about Plusnet not making the user's original passwords 100% safe by a one-way cryptographic function.
2. For some people this is viewed as encryption, as the original content is transformed and is unreadable.
3. And repeat back to 1.
Either way, the methods do exist, and have done for years, to make sure that passwords are never stored as reversible data, but some organisations still resist doing that. They would rather fashion business practices around "trust me, I'm secure", which in real life not one of them truly is.
It just needs 1 disgruntled employee or some misplaced faith in the company's own security measures, and boom.
The news sadly shows all too regularly that anything stored in company servers is liable to get out to the nefarious people.
Only yesterday PCWorld was in the news.
Who will it be today?
Re: Secure Password Storage
14-06-2018 10:31 AM
Hi @Alec,
There are really only 2 things to know. And it looks to me like @SpendLessTime is the latest person who clearly knows the very issue some of us have spotted and can see how to improve what PN are doing with our data. In fact I'd bet @SpendLessTime has known of this for considerably longer.
The 2 things are: 1. encryption and 2. hashing.
Obviously we all want our data as secure as possible.
There does seem to be confusion between these 2 quite different methods of securing data.
Here's another way to think about it.
In the PN database you have your data. These can be categorised roughly into data you actually need PN to be able to read at some point.
For example your name and your address - Let's call that A.
Then there is data that no one ever needs to manually read, for example your password - Let's call that B.
Now I know at this point some may be thinking "but surely all data needs to be read by a person". Not true. As long as the system can verify the data, then for some data elements such as passwords this can be handled by a system function.
For Type A data it makes sense to secure it as you would not wish to freely give that away. However it does need to be reversible ie have the ability to be readable by a person (CSR, postman).
For Type B data, however, it does not need to be reversible, as no one ever needs to view the data. Like a password.
Now if you go look up reversible encryption methods you will see the possible implementations that can be employed for type A data.
And if you look up hashing you can see more secure solutions for type B.
What many people have spotted is PN can only be treating the password as Type A data, at best. I'm sure they are.
What is also clear is they cannot be treating it as Type B data. As Type B cannot be reversed. The idea that all encrypted data needs to be read by a human is just not the case. Passwords are a clear example of a human not needing to know. The prize is increased (some would say essential) security.
So what's the problem? you may ask.
To answer that imagine this.....
Hacker gets the database.... in minutes he unlocks all type A data.
He never (or as near as damn it) gets type B data.
Which do you prefer?
Of course having educated users who do not expose themselves by relying on one password for all systems is desirable. This is as obvious, perhaps as clear as having strong passwords. So sure there is a responsibility for any user and to some degree for the system owner to educate.
In addition there is clearly a responsibility for a system owner to do all they can to secure the data as best they can.
Where you draw that line may well be a point for debate. Where would you draw the line? Have the data exposed by a hacker in next to no time? A week? A month? Never, or as near as damn it? Some clearly prefer never.
Still not sure? Then it is worth searching for "hashing stronger than encryption", "why is hashing better/more secure than encryption". Admittedly you may end up on stackoverflow or a mathematical/computer science research paper or a similar techy site, but that's to be expected.
As some have pointed out, such as @ConcernedUser, the security policy may these days be defined not simply by what the system owner chooses to do. It may well be defined by gov agencies. I'd be surprised if they did not insist, and perhaps are tasked with ensuring system owners do their best.
After all, if you were looking after users' data in 2018 and building a new system and you knew type B is not prohibitive to implement, then would you implement it? And of course type B is not all data, some will also be type A. Some you may do nothing with, as it could be considered not to be of interest or of use in the slightest to a hacker.
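As an added illustration of the Type B scheme described in the post above (example code written for this thread, not anything Plusnet runs or the poster supplied): the database keeps only a salted PBKDF2 hash, and a login is checked by recomputing that hash, never by reversing it. The iteration count, salt length and sample password are assumptions chosen for the example.

```python
import hashlib
import hmac
import os
from typing import Optional

# Parameters for PBKDF2-HMAC-SHA256 (Python stdlib only). The iteration count
# is an assumption for this example; deployments tune it to their hardware.
ITERATIONS = 600_000
SALT_BYTES = 16


def store_password(password: str, salt: Optional[bytes] = None) -> bytes:
    """Return the 'Type B' record to keep in the database: salt || hash.

    The password cannot be recovered from this value. The only operation the
    system ever needs is to recompute it from a login attempt and compare.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)  # fresh random salt for every user
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt + digest


def verify_password(candidate: str, record: bytes) -> bool:
    """Check a login attempt against the stored record without decrypting anything."""
    salt, stored_digest = record[:SALT_BYTES], record[SALT_BYTES:]
    candidate_digest = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"), salt, ITERATIONS)
    # Constant-time comparison so the timing does not reveal how many bytes matched.
    return hmac.compare_digest(candidate_digest, stored_digest)


def records_differ_for_same_password(password: str) -> bool:
    """Two users with the same password get different records because of the salt,
    so a leaked table cannot be matched against a precomputed list of hashes."""
    return store_password(password) != store_password(password)


if __name__ == "__main__":
    record = store_password("correct horse battery staple")  # constructed sample
    print(record.hex())                                         # what the database holds
    print(verify_password("correct horse battery staple", record))  # True
    print(verify_password("wrong guess", record))                   # False
```

Only the account (website) password can be handled this way; as ejs notes later in the thread, a PPP login needs the plaintext on both ends, so it must be a different secret from the one hashed here.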
Re: Secure Password Storage
14-06-2018 9:06 PM
@ejs wrote:
The problem probably originates from using the same password to access your account on the Plusnet website and for the PPP connection the router makes. Both ends of the PPP connection need to know the plaintext of the password.
So before you start considering better ways to store the password, you need to have different passwords for the account and for the PPP connection.
Plusnet will not be able to only store a hash of the account password until they start doing something different for the PPP connection password.