The man who wrote the book on password management regrets the error

[jandrese]

I wonder how many sites have been taking down by SQL injection attacks inside of a password. That would take something of a perfect storm of bad design, which is why I'm pretty sure there are sites out there that are vulnerable.