11 0 ReplyPretty good disclosure text. There are much bigger companies that don't manage to be this clear.
The only nitpick I have is saying "encypted" with bcrypt, even though they clearly know that bcrypt only hashes things.
4 0 ReplyI'm willing to give him a pass on that one since they're probably worried that their General audience will understand the word encrypted but not understand the word hashed
2 0 Reply
But didn't club penguin close doors ?
2 0 ReplyThis is a clone version.
6 1 Reply
obligatory bcrypt is not encryption
23 0 ReplyCorrect but you also dont want an encrypted password. You want a hashed password.
19 0 Replythis is true, and the name bcrypt can be misleading to non experts. i don’t blame them for getting this wrong in a pr statement 🤷♀️
5 0 Reply
What the hell is Club Penguin?
6 2 ReplyHabbo hotel for the little, little ones I think?
8 0 ReplyI guess you were born in the 2000s.....
4 4 ReplyI guess you were born in the 1950s, kids these days just don't know...
1 0 ReplyHey, I was born in the early 2000s and Club Penguin was huge when I was a kid! Everyone my age knows about it.
4 0 ReplyI was born in the late 1980s, can I know what it is?
Edit: Looks like a game. Are we assuming everyone in a technology community cares about video games? I’m a programmer but can’t get into video games at all.
6 3 Reply
bcrypt... with how many iterations? seems like an important detail
12 0 ReplyI don’t think I’d make that information public were I in their shoes. Wouldn’t that be a hint for anyone attempting to crack them?
3 0 Replyno, it’s (usually) stored as a part of the hash
5 0 Reply
So what password hashing mechanism upgrades they implemented?
3 1 Reply