Hacker Times
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
estel
on April 6, 2011
|
parent
|
context
|
favorite
| on:
Plain Text Offenders - Did you just email me back ...
Sorry, I didn't clarify: they showed in plaintext the password that
I supplied
and emailed
my password
back to me.
mootothemax
on April 6, 2011
[–]
Emailing a password after registration does not, in itself, indicate that passwords are being stored in plain text.
nodata
on April 6, 2011
|
parent
|
next
[–]
My secure password being sent across the open net in an e-mail is reason enough to shame the company doing that.
bogomips
on April 6, 2011
|
root
|
parent
|
next
[–]
While much is made about passwords being sent across the open net, almost every site short of banks allow you to reset a password with an email, which is a close to identical problem.
epochwolf
on April 7, 2011
|
root
|
parent
|
next
[–]
Reset links can have an expiration time.
Kudos
on April 6, 2011
|
parent
|
prev
[–]
In addition to this, the open source distribution of Wordpress hashes passwords.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
