don't store passwords in unencrypted form!

0 votes

Shame on you!!! You're storing and transmitting my password in the clear. Yes, it's just a Q&A forum, but you should be storing passwords with one-way encryption.

closed with the note: There is nothing to do

security
password
forum

asked Feb 27, 2012 in Feature Requests by jms_nh (370 points)
closed Mar 16, 2012 by michael

Your comment on this question:

Your name to display (optional):

Email me at this address if a comment is added after mine:Email me if a comment is added after mine

Privacy: Your email address will only be used for sending these notifications.

Anti-spam verification:

To avoid this verification in future, please log in or register.

1 Answer

+1 vote

Of course, passwords are not stored in plain text but encrypted with SHA1. The plain text is available only at the registering.

answered Feb 28, 2012 by michael [yWorks] (26.8k points)

@jms_nh: This is quite common with many websites, who send your password to you before it is hashed to the place of no return.

commented Feb 29, 2012 by pete (210 points)

ok, good to hear it. thanks.

It would be helpful to add a note with the registration email to that effect. I mean, sure, use of this forum doesn't involve vital financial or medical information, but we all have enough to worry about security as it is. (I personally would rather not get passwords sent to me in the clear at all: it's a very minor but still possible security risk.)

commented Apr 6, 2012 by jms_nh (370 points)

Your comment on this answer: