How Not to Encrypt a File — Courtesy of Microsoft
Robert Parks
8616

I read many comments here arguing that this article was written long time ago as if this may belittle the seriousness of the mistake. This is just irrelevant here; of course good practices evolve, but setting the IV and key equal to the user password have just never ever been a good practice and was even emphasized as a DONT in any crypto specification.

I would like to hear about what Microsoft has to say about this article, rather than just removing it without an explanation.

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.