Get our superfast unlimited fibre broadband
Great-value deals on unlimited broadband
Flexible and affordable sim only deals with no contract
Our network reaches over 99% of the UK, so we've got you covered
Low on minutes, data or texts? Just add one of our bolt-ons
Quick and easy access to your account, services, bills and tools
View and manage your mobile account, tariff and usage
I had a call with a member of the Plusnet customer service team today who asked for two specific characters from my password to confirm who I was.
Password storage best practice is to hash user's passwords before storage so they can't be determined from the database record.
How were the characters from my password confirmed? Are user passwords only encrypted on the database? If so, why?