• BiggestBulb@kbin.run
    link
    fedilink
    arrow-up
    18
    ·
    4 months ago

    How the hell do you even think “it’s fine, I’ll put this password in plain text” when literally building an app for a CREDIT UNION? Obviously it’s not acceptable to do that anywhere, but you would think they would think just a little bit harder about the decision when working with such sensitive data?

    • Fades@lemmy.world
      link
      fedilink
      arrow-up
      9
      ·
      4 months ago

      Plenty of cheap labor contractors will write up the basics without paying attention to things like encryption. I know because I’ve had to work with that sort of thing

    • Kevin Herrera@beehaw.org
      link
      fedilink
      English
      arrow-up
      3
      ·
      4 months ago

      Every credit union I have been a part of had some home brewed security system that did not follow best practices. Really felt like they contracted out to some kid still in college just to have something online.

      I’m certain there are better CUs out there, but I think the issue is most can’t afford much better.

  • ashitaka@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    4 months ago

    I wouldn’t be surprised if this is the result of “near shoring”/outsourcing technical work to foreign countries.