Hacker News

I worked for a company with millions of users that had plaintext passwords in the DB. The login had been rolled from scratch in the days before you could get decent, tested off-the-shelf code for their particular stack. There were always so many fires to put out and projects to keep the wages being paid that it never got looked at. It got bought by Microsoft and eventually they just consumed the whole thing somehow, so it's gone now.

It did allow me to cheekily run a SQL GROUP BY once to see what the most common passwords were, though. Top password was actually "trustno1" IIRC, followed by all the usual suspects, e.g. abcdefg, 12345678 etc. (there were no meaningful password rules)


