Quote:
Originally Posted by helterskelter808
Paxum send new passwords via email in plain text? Perhaps they do store them in plain text then.
|
I'm sure, and hope, they store them hashed, as you can send a new password without storing it in plaintext, but that still doesn't stop the fact that someone can access my email data and get that password no problem... The best thing to do would be send a link that is only usable once and then take them to the site to set a new password. Not send a password.