I am just curious is it illegal or against the data protection act to store password in plain text form? Or to actualy look at them?

My school ha sa system called FristClass it is used to check email and the like but the admin tol dus offor having rood passwords. I aksed him how he knows and he said he can see them.

Stuart

Of course it's not illegal. Technically your db/server should have adequate security precautions (i.e. good passwords, firewall blah blah blah) to stop people doing bad things, but it's not illegal. However, you would be advised not to store your passwords in palaintxt.

Im pretty sire its not right somewhere as it can be used against you. If i use the same password on mutiple sites they would have my password for hotmail etc!!!

Im going to complain but i need some grounds to!!

I mean its not right him looking at them and comenting on them!

I'm pretty sure that as long as he doesn't use the passwords for evil purposes (muhahahahaha) then it's your problem, not his.

Oh, and also, I'm pretty sure that just having the passwords without doing anything with them (being able to look at them doesn't count as doing anything with them) doesn't go against the data protection act.

Oh, and if you don't like this system, don't check your email at school.

You can complain cause the sys admin can look at people's passwords but it won't do any good. In most companies IT changes people's passwords for them and maintains a list of people's passwords, they need them for certain things.

Your username/password is only really implicitly personal information. Besides, your information has been given to this organization with your permission (or in the case of a minor the permission of your parents) this gives them the right to look at it. If they were to pass this information on to another organization or a subsidiary of the organization without your express permission then you would have a case. Well, you would if it wasn't provided the information by the gorvernment. If you read the Data Protection Act 1998 (http://www.hmso.gov.uk/acts/acts1998/19980029.htm) you will see that the gorvernment has a lot of exceptions. It's a long time since I had to look at it, but as I remember when the governemnt provides your information to an organization it is the govornment to dictates how that information can be used. This means that everything is OK so long as you trust your Big Brother ;)
HTH