On Tue, Dec 18, 2007 at 01:29:15PM +0800, jidanni@jidanni.org wrote:
Just how dangerous could a mysql dump be in the wrong hands? I suppose they couldn't extract all one's Users' passwords, only cookies?
Although passwords are not stored in cleartext, it would be possible to gather a lot of passwords using dictionary attacks.
Additionally, mysql dumps would contain email addresses and other private data.
Regards,
jens