Important:

This petition was submitted during the 2010-2015 parliament

Petition Data Protection Act - Include password storage

To prevent fraud, and force companies to act responsibly - I want the Government to amend the Data Protection Act (or any relevant act) to treat customers' passwords as "prohibited data", unless they make it clearly visible, on entry, that this information will be stored in an unsafe manner.

This would prevent password leakage through hacking, and prevent companies sending plain text passwords, which put customers at risk.

Companies should make reasonable efforts to use industry best practice methods (guidelines prescribed by the British Computer Society?) which do not allow hackers or internal employees to reverse engineer a password.

Current methods include
- storing a strongly encrypted mathematical hash value of password and 'salt' value - NOT the password.
- using a trusted 3rd party Authentication provider and only storing a secure token.

This petition is closed. This petition ran for 6 months.

5 signatures

10,000 signatures required to get a government response