On Tue, Dec 18, 2007 at 01:29:15PM +0800, jidanni(a)jidanni.org wrote:
Just how dangerous could a mysql dump be in the wrong
hands? I suppose
they couldn't extract all one's Users' passwords, only cookies?
Although passwords are not stored in cleartext, it would be possible to
gather a lot of passwords using dictionary attacks.
Additionally, mysql dumps would contain email addresses and other
private data.
Regards,
jens