Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Privacy United States Your Rights Online

Feds Allegedly Demanding User Passwords From Services 339

An anonymous reader writes "Following the /. story on the Feds demanding SSL keys, now comes news that the feds are demanding user passwords, and in some cases, the encryption algorithm and salt used. From the article: 'A second person who has worked at a large Silicon Valley company confirmed that it received legal requests from the federal government for stored passwords. Companies "really heavily scrutinize" these requests, the person said. "There's a lot of 'over my dead body.'" ... Some of the government orders demand not only a user's password but also the encryption algorithm and the so-called salt, according to a person familiar with the requests. ... Other orders demand the secret question codes often associated with user accounts.' I'm next expecting to see the regulation or law demanding that all users use plain text for all web transactions, to catch terrorists and for the children."
This discussion has been archived. No new comments can be posted.

Feds Allegedly Demanding User Passwords From Services

Comments Filter:
  • Hmmm... (Score:5, Funny)

    by girlintraining (1395911) on Friday July 26, 2013 @11:14AM (#44391735)

    They can ask. All passwords are one-way hashed using a 16384 bit salt and run through 4,000 rounds of AES before being stored in the database. Over there in the corner is our custom-built core which does the password retrieval, comparison, and pass-fail out onto a RADIUS server. The network name is NSA_COCKBLOCK... feel free to have a copy of the algorithm and database.

  • by ebno-10db (1459097) on Friday July 26, 2013 @11:21AM (#44391825)

    just a few large-bag hit and runs could net millions in CC#.

    Credit cards? You think small. How about getting access to the Federal Reserve? Considering all the money they give away to bail out financial institutions that should be in receivership, you could probably take a few billion and it would be dismissed as a rounding error.

  • Re:Hmmm... (Score:4, Funny)

    by DigitAl56K (805623) on Friday July 26, 2013 @12:12PM (#44392359)

    The ROT-13 jokes are really getting old, and anyone who cares about their security has already upgraded to ROT-26.

We can found no scientific discipline, nor a healthy profession on the technical mistakes of the Department of Defense and IBM. -- Edsger Dijkstra