Tuesday, September 18, 2007

Quick Tip: Password in Logs

I think I mentioned it before, but it helps to repeat: sometimes, your users' passwords will show up in logs, alongside the usernames.

If you are under HIPAA and username/password combos are considered PHI, then logs also become PHI ... think about it.

No comments:

Dr Anton Chuvakin