If a "forgot your password?" page emails your old password, is that definitive proof that they have

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by S. Michaels on Super User See other posts from Super User or by S. Michaels
Published on 2009-09-25T16:16:18Z Indexed on 2010/04/10 19:53 UTC
Read the original article Hit count: 282

Filed under:
|
|

When a site emails your old password, as opposed to requiring you to reset it on the site, I'm wondering what that implies about their security measures.

Does this mean that they store the password in plain text for their own convenience or could they still use encryption on the password?

© Super User or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about security

Related posts about passwords

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle