You're correct it's necessary for how they use this, to impersonate a user and 'clone' their email data. But then, that is the problem, they shouldn't be able to do this at all.
Okay but the existence of a problem does not change the simple fact that it's encrypted. So many people arguing against this point out of some misguided sense of fuzzy logic.
It is encrypted in transit, but Microsoft is on the receiving end of that transit and gets the plain text password. The encryption does nothing to prevent the third party, that is Microsoft, from impersonating the user and reading all their mail.
You're correct it's necessary for how they use this, to impersonate a user and 'clone' their email data. But then, that is the problem, they shouldn't be able to do this at all.
Okay but the existence of a problem does not change the simple fact that it's encrypted. So many people arguing against this point out of some misguided sense of fuzzy logic.
It is encrypted in transit, but Microsoft is on the receiving end of that transit and gets the plain text password. The encryption does nothing to prevent the third party, that is Microsoft, from impersonating the user and reading all their mail.
12 replies →
Gur rkpvfgrapr bs rapelcgvba qbrf abg punatr gur fvzcyr snpg gung jung gurl ner qbvat vf onq sbe frphevgl naq ubeevoyr sbe cevinpl.
it is not a hash
They didn't say it was. They were asking what use a hash would be.