I just signed up for the Autocross forums. Last time I used the forums was back when they were hosted by justracing.com, a while ago I guess.
In any case, after signing up I had the big surprise to receive an email with my user name and password in clear text. This means the password is stored in clear text in the database, which is a big problem if any of you reuse the password across different web services (e.g. Gmail, Facebook, etc). If this is your case, I’d advise immediately changing the password on all these services.
If it is possible, it’d be great if the forums software developers could encrypt the passwords before storing them in the database using a slow hash function.
https://crackstation.net/hashing-security.htm