Source: http://plaintextoffenders.com/A website storing a password in plain text means that your password is there, waiting for someone to come and take it. It doesn’t even matter if you’ve created the strongest possible password. It’s just there.
Websites that store your password in plain text.
Websites that store your password in plain text.
Re: Websites that store your password in plain text.
Often wondered about such practices, which I found mostly in mailing lists. What's the point of setting a password if it then travels back to you -- across all of the Internet -- in plain text?
Re: Websites that store your password in plain text.
Whilst I do think storing passwords in plaintext is one of the stupidest things any web dev can do that entire website is based on the premise of someone getting hold of your emails If someone has got access to your emails it makes no difference if they send your email in plaintext or not since reset emails will also be sent to that address.
- JohnTHaller
- Posts: 717
- Joined: Wed Feb 10, 2010 4:44 pm
- Location: New York, NY
- Contact:
Re: Websites that store your password in plain text.
There is a small difference as, if someone gains access to your email, they can request your passwords from sites like that and get your password without you knowing. For sites that reset your password, they'd need to change it, which may alert you to someone messing with it. A small difference, but a difference.carbonize wrote:Whilst I do think storing passwords in plaintext is one of the stupidest things any web dev can do that entire website is based on the premise of someone getting hold of your emails If someone has got access to your emails it makes no difference if they send your email in plaintext or not since reset emails will also be sent to that address.
PortableApps.com - The open standard for portable software | Support Net Neutrality
Re: Websites that store your password in plain text.
But how long would a malicious person need to have access to your account for to do serious damage or gain access to your personal details? I doubt anyone after your passwords would be in it for the long haul.