Bongofish

General Category => Suggestions => Topic started by: pixxelfrizzel on November 17, 2013, 06:03:05 PM



Title: registration-mail with cleartext password: Very dangerous!
Post by: pixxelfrizzel on November 17, 2013, 06:03:05 PM
I see that you send the password with the registration-mail. It would be good to disable that feature because security risk. Any passwd entered at registration page is freely readable by anyone worldwide. So its burned out and cannot be used anymore anywhere, not even when you use a special kind of password.

Please could you change this behaviour? Thanks a lot.


Title: Re: registration-mail with cleartext password: Very dangerous!
Post by: bernard on November 18, 2013, 04:37:19 PM
I see your point. I just hope you didn't use a password that can unveil how to access all the other sites you are registered with... (please don't tell out loud if the answer is yes!) 

I'll forward this request to the site owner.  If we cannot change that, maybe we can at least warn that "the password will be sent as cleartext in an email during the registration". Maybe you wouldn't have registered in the first place or selected another one.