Author Topic: Email with password in Plaintext!  (Read 2677 times)

jeffpinto

  • Newbie
  • *
  • Posts: 10
  • Karma: +0/-0
Email with password in Plaintext!
« on: March 23, 2015, 12:17:24 AM »
I just noticed that the email I received confirming my site registration has my user name and the password in plain text. This is bad form! If I had used a password that was the same as I use on other accounts this could make a big security hole. This should be fixed immediately.
Patience brings power

Support7

  • Administrator
  • Sr. Member
  • *****
  • Posts: 472
  • Karma: +1/-0
Re: Email with password in Plaintext!
« Reply #1 on: March 24, 2015, 10:44:12 PM »
Which site were you registering for where you saw your password as plain text? we will work on getting this resolved.

ThermoMan

  • Newbie
  • *
  • Posts: 8
  • Karma: +0/-0
Re: Email with password in Plaintext!
« Reply #2 on: February 06, 2017, 07:02:47 PM »
I just got the same thing
 :o

I immediately logged in and changed my PW, but once y'all encrypt the thing and store the encrypted version you should not been keeping a plain text pw around.  You are storing the encrypted version right?  (I am a software developer)
https://nakedsecurity.sophos.com/2013/11/20/serious-security-how-to-store-your-users-passwords-safely/
« Last Edit: February 06, 2017, 07:06:17 PM by ThermoMan »