- This topic has 1 reply, 2 voices, and was last updated 9 years, 4 months ago by
.
-
Posts
-
I just signed up for the Autocross forums. Last time I used the forums was back when they were hosted by justracing.com, a while ago I guess.
In any case, after signing up I had the big surprise to receive an email with my user name and password in clear text. This means the password is stored in clear text in the database, which is a big problem if any of you reuse the password across different web services (e.g. Gmail, Facebook, etc). If this is your case, I’d advise immediately changing the password on all these services.
If it is possible, it’d be great if the forums software developers could encrypt the passwords before storing them in the database using a slow hash function.
This means the password is stored in clear text in the database
This is not true.
We are looking into the issue of e-mailing you your password in plain text, but I can tell you, the passwords are not stored in plain text. I have access to the database and I cannot see anything.
It’s good practice to not reuse passwords anyway, those who do are at risk no matter where they’re creating them.
I recommend 1password. I can’t live without it!
- You must be logged in to reply to this topic.