Does RU-CENTER store passwords in open / decoded form?
Hey.
Today, I received a notification that one of the domains in the .ru zone that I registered was hungry, and asked for the continuation of delegation.
As usual, I didn’t remember at all what password this contract had (KeePass backups, but oh), because the domain is not so important, so I asked for a password to be restored.
')
From nic.ru fell the following:
It turns out that the general registrar in the .RU zone passwords are stored in a form that can be decrypted, or simply in open form. The idea about the fact that the password is simply generated every time I request a new recovery request, asking for password recovery several times in a row.
Hello, XXI century.
Update: the insider information slipped through that in the operator's interface it is possible to request the client’s questionnaire from the ru-center along with the technical and administrative passwords.
Today, I received a notification that one of the domains in the .ru zone that I registered was hungry, and asked for the continuation of delegation.
As usual, I didn’t remember at all what password this contract had (KeePass backups, but oh), because the domain is not so important, so I asked for a password to be restored.
')
From nic.ru fell the following:
,
Sat Jan 09 15:08:50 2010
RU-CENTER IP- 69.172.133.
/ 639/NIC-D.
: f33a1c7dd1
---
- RU-CENTER
e-mail: ru-ncc@nic.ru
phones: +7 495 737-0601
fax: +7 495 737-0602
It turns out that the general registrar in the .RU zone passwords are stored in a form that can be decrypted, or simply in open form. The idea about the fact that the password is simply generated every time I request a new recovery request, asking for password recovery several times in a row.
Hello, XXI century.
Update: the insider information slipped through that in the operator's interface it is possible to request the client’s questionnaire from the ru-center along with the technical and administrative passwords.
Source: https://habr.com/ru/post/80313/
All Articles