Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Damn, that seems pretty bad. That said, could this be a problem with the Startup Battlefield mini site or do you think it's common practice across TechCrunch as a whole?

Part of me cynically thinks the latter, but another part of me thinks a lazy developer could have taken shortcuts with what they saw as a less important part of the site. Either way, it's bad news and I hope they address it soon.




I'm a big subscriber to broken windows theory; leaking raw errors and plain text passwords makes me think it's likely common practice...

I've reached out to them so hopefully they can get this sorted!


I tried it. It's still not fixed. This is incredibly dangerous.

I think that for all 'non-essential' sites it might be prudent to use a throwaway password each time. I think it might be an all too common practice on many a site.


I try and use separate passwords on every site, essential or not. That way if something like this happens it isn't really much of a big deal.

After all, who can ever know that even a large site like Facebook or Twitter or Google or Hacker News is storing your password securely? You usually can't, so you may as well be cautious and not reuse passwords for any service.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: