I’m sorry, I’m not even a security expert, but I have a few questions surrounding this.
- Why was the password human-readable and not encrypted?
  - If it was encrypted, why was he decrypting it?
- How did he have access to them? Group policy should stop this.
- He was in violation of security by checking passwords.
Longer passwords are more secure; however, it depends on the encryption. Hashing a password such as “TsNz_(2.,dh=?^r_P<” returns the following:
“9FC46B186578EDE3B501F3F4989050DD6674513E93B83EC557A33A5C73FF2376BCA8CBEBF9C8334AA3FF726DD6FEC2D39A6902E7B53DA7EF5AD0107E7E27D5BC”
Not something that is easy to decrypt… Even if a database administrator was able to get access and view them for a second, it’d have no impact, and even if someone was able to gain access to the encrypted pass, on average it would take a computer about 380 QUADRILLION YEARS to crack that password, AND by then the breach would’ve been detected and people requested to change passwords.
I also used SHA-512 above. Many companies will have their own encryption algorithm which can’t be cracked using a web-decryption-tool.
Longer passwords are more secure.
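Added example, not part of the original post: a sketch of what a service could keep in its database so that an administrator who views the table sees only a salted, iterated digest. It goes beyond the post's single SHA-512 call by using PBKDF2-HMAC-SHA512 from Python's standard library; the function names, the record format and the iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Example password string quoted in the post.
SAMPLE = "TsNz_(2.,dh=?^r_P<"
ITERATIONS = 210_000  # assumed work factor; tune to your hardware


def sha512_hex(password: str) -> str:
    """Plain, unsalted SHA-512: the same input always gives the same digest."""
    return hashlib.sha512(password.encode("utf-8")).hexdigest()


def make_record(password: str, iterations: int = ITERATIONS) -> str:
    """Return 'pbkdf2_sha512$iterations$salt_hex$hash_hex' (hypothetical format)."""
    salt = os.urandom(16)  # fresh random salt per stored password
    dk = hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha512${iterations}${salt.hex()}${dk.hex()}"


def verify(password: str, record: str) -> bool:
    """Recompute with the stored salt and iteration count, compare in constant time."""
    try:
        scheme, iterations, salt_hex, hash_hex = record.split("$")
        if scheme != "pbkdf2_sha512":
            return False
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(hash_hex)
        dk = hashlib.pbkdf2_hmac(
            "sha512", password.encode("utf-8"), salt, int(iterations), len(expected)
        )
    except (ValueError, OverflowError):
        return False  # malformed record: reject instead of raising
    return hmac.compare_digest(dk, expected)


if __name__ == "__main__":
    # Unsalted digests of equal passwords are identical, so anyone reading
    # the table can tell which accounts share a password.
    print(sha512_hex(SAMPLE) == sha512_hex(SAMPLE))
    # Salted records differ even for the same password, yet both verify.
    a, b = make_record(SAMPLE), make_record(SAMPLE)
    print(a != b, verify(SAMPLE, a), verify(SAMPLE, b))
    print(verify("wrong guess", a))
```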