Sony keeps username & password in plain text format

[Coldbird]

Damn... now I REALLY beg users NOT TO use non PRO builds of PROCFW...
This could be exploited in so many bad ways by building a manipulated PROCFW which logs this...

[bpeterson]

Good find. I wouldn't be surprised, if it worked the same way on the PS3.

[ViP3R]

Next time it's uncle sam's redeem codes in there. Why can't they store in it in generally, the "Sony-type-of-encryption" a.k.a. keeping them in .prx *oh God it's even worst than that... Or some sort they can figure out.

Good find. I wouldn't be surprised, if it worked the same way on the PS3.

Meh, i dont know but, who knows if they're lazy as hell to store them in the HDD

[Casavult]

Hmmm, I could use this to get my brothers PSN details from his PSP.

But seriously, this sort of stuff should be heavily encrypted, but hey this is Sony...

[Kaliki]

But seriously, this sort of stuff should be heavily encrypted, but hey this is Sony...

I agree, there should indeed be a lot more secure protection on this. But you can't really blame Sony because the risk only exists if you are using CFW, which is not supported by Sony's tech people. Otherwise, practically everyone can put TCFW on other peoples PSP's in seconds nowadays...

[m0skit0]

But you can't really blame Sony because the risk only exists if you are using CFW, which is not supported by Sony's tech people.

I'm sorry but... WHAT? What about Sony reading your pass and stuff? And IIRC, Sony's servers also kept your personal data in plain text, so yeah, Sony is to blame, definitely. And even if not, any decent technology company will store your personal data encrypted. Even on a portable device. Shame on Sony.

And to everybody: please stop lickin' corporations' a**, you don't owe them anything.

[FrEdDy]

But you can't really blame Sony because the risk only exists if you are using CFW, which is not supported by Sony's tech people.

I'm sorry but... WHAT? What about Sony reading your pass and stuff? And IIRC, Sony's servers also kept your personal data in plain text, so yeah, Sony is to blame, definitely. And even if not, any decent technology company will store your personal data encrypted. Even on a portable device. Shame on Sony.

And to everybody: please stop lickin' corporations' a**, you don't owe them anything.

Yes, Sony stored sensitive PSN information in plaintext. No matter where they store your information, it should be always protected.

[ViKtory]

I guess this is why PSN got hacked so easily.

[Kaliki]

And even if not, any decent technology company will store your personal data encrypted.

That got me thinking. It's obviously right. I still wonder why many consumers don't care more often about giving away their personal data. But that's a different story.

[toBsucht]

So if anyone share his nan dump with login data people can get it easy?! btw i think you know that thiere is a hb to get those data