“They put their password WHERE?!?”
Personally identifiable information (PII) is freakin’ everywhere.
When companies first start looking to identify and lock down their data, they think it’s going to be as easy as identifying common columns like EmailAddress, DateOfBirth, SocialSecurityNumber, and so forth. They think, “We’ll just encrypt those columns and we’ll be fine.”
Ho ho, my sweet summer child. No, that’s not nearly enough.
Your users are completely diabolical. If you give a user a text box, they will find amazingly creative ways to stuff your database chock full of PII that you didn’t ask for, and you certainly