Dec 192009


Thank you for sending the information for my new account to me in clear text. It’s good to know you’re not remotely serious about protecting my personal information from being compromised.

Fortunately I a) did not mis-type my e-mail address when giving it to you, or b) have my e-mail account accessed by a third party, so my username and password did not wind up in someone else’s hands.

Sheesh. In this day and, you’d think anyone who runs any kind of network service would know better than to send passwords and login information together like that, with no encryption or verification.

But then, I’ve seen network servers that have their root password set to “password,” so I guess security is not an issue on everyone’s mind.

  2 Responses to “Basic Security? Whassat?”

  1. Even worse is when the company will happily send you your password again when you forget it, which lets you know they are storing your actual password somewhere in a database. They should never remember your plaintext password, and it always makes me nervous when I see that is how they do it…

    • And then we see yet another news story about how lots of people’s private information got leaked when a company’s data was compromised.

Sorry, the comment form is closed at this time.