Clear Passwords
2008 is almost over but still there are respectable and notable companies that act like security is non of their business. I find it very irritating that some companies that promote security as a product and company differentiators act in a non secure fashion. Following the “no one want to see an obese promotes healthy food” analogy, I would expect companies nowadays to act in a secure fashion. Most of the web sites will send you a thank you letter after registering at their web site, but as I discovered today, some will send you an email confirming your registration alongside your username and password in cleartext.
As a service for those who forgot, here’s how email privacy works:
How email works
And here’s the message that turned me mad (Identifiable elements deleted to protect the innocent):
