When is it a good idea to store passwords in clear text?

Question

I am working on an application that is targetted at non technical users. I expect a large number of support calls regarding lost passwords and inability to login.

I am u

Answer 1

Here's a few reasons to use unencrypted passwords:

1. When you don’t respect your user’s privacy.
2. When you’re about to be fired from your current job and would like to leave a lasting impression.
3. When you would like your primary users to be Chinese hackers.

If you feel like any of those items match your business model, then go ahead and leave your passwords unencrypted.

Answer 2

Never. The "nature of the application" doesn't matter. You should ask yourself what you think the benefits of storing it in clear text are. Do you expect tech support to pick up the phone and tell them their password? Or email it to them when they forget it? Those are never good ideas.

There's an established design pattern for passwords:

1. Hash them
2. Provide the user with a Forgot Password link
3. User enters the email address associated with their account
4. Reset link or temp generated password is emailed to their address
5. They are immediately prompted to specify a new password upon visiting the link or using the temp password.

That's the general overview and it's the expected approach. Other variations exist, such as providing security questions.

Answer 3

Seriously I do not think it is a good idea ever ...

Answer 4

When you want your site hacked and you have to guarantee that your user data is stolen or corrupted.

That's when you store passwords in clear text.

Answer 5

It is never a good idea to store password in database. Store a hash of password (possibly salted). In case of lost passwords, generate a new one and send it to their verified email address - make sure they change this autogenerated password on the next login.

Your target-audience may be non technical, but that won't be the case with their friends who are casual/professional pranksters. Non technical users must be treated with extra care because they are more likely to keep same username/password combination for your small application, the Google account and the online banking account (if the bank accepts that password). They will lose their data/mail accounts/money and you will lose trust and customers.

Here is a blog post on storing passwords in databases worth reading by @codinghorror

Answer 6

Security and Usability are at opposite ends of the same stick. When you make you application easy to use, like giving the user their password back you make it insecure. When you make your application ask 5 questions, a blood sample, and a password even Einstein would forget, you have usability problems.