
About This Post

Originally posted March 14 2006 at 15:03 under Web. 0 Comments. Trackbacks Disabled. Last modified: 24 March 2006 at 01:01

Pass On The Word


If you’re a developer building some sort of user registration system, at what point does it seem to you a good idea to send an unencrypted confirmation email with the user’s password in plain text? This is just stupid. They just gave you the password; is it really that likely they’ve forgotten it already? Just show some respect to the password and don’t do it. It’s not just the possibility of interception across the web (odds are your site isn’t secure anyway); it also increases the possibility of somebody looking over the user’s shoulder, at a point where you really shouldn’t expect to see security information displayed (this is the exact reason that password fields display ******). The number of places which do this is amazing. Just don’t. Message over.
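What a registration confirmation can look like without the password ever reaching the mail, as an added example (not code from the original post): the site keeps only a salted hash and emails a single-use confirmation token instead. The `example.test` addresses, the in-memory `USERS` store, the PBKDF2 parameters and the function names are assumptions for illustration.

```python
import hashlib
import hmac
import secrets
from email.message import EmailMessage

USERS = {}  # constructed in-memory store standing in for a real database


def _pw_hash(password: str, salt: bytes) -> bytes:
    # PBKDF2 chosen here because it is always in the standard library
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)


def register(email: str, password: str) -> EmailMessage:
    """Store a salted hash and build a confirmation mail with no password in it."""
    salt = secrets.token_bytes(16)
    token = secrets.token_urlsafe(32)
    USERS[email] = {
        "salt": salt,
        "pw_hash": _pw_hash(password, salt),
        # Only a hash of the token is kept, so a database read cannot confirm accounts.
        "token_hash": hashlib.sha256(token.encode()).digest(),
        "confirmed": False,
    }
    msg = EmailMessage()
    msg["From"] = "noreply@example.test"
    msg["To"] = email
    msg["Subject"] = "Confirm your registration"
    # The body carries a random token that is useless once used; the password is absent.
    msg.set_content(f"Confirm your account:\nhttps://example.test/confirm?token={token}\n")
    return msg


def confirm(email: str, token: str) -> bool:
    """Accept the emailed token once, comparing in constant time."""
    user = USERS.get(email)
    if user is None or user["token_hash"] is None:
        return False
    supplied = hashlib.sha256(token.encode()).digest()
    if not hmac.compare_digest(supplied, user["token_hash"]):
        return False
    user["confirmed"], user["token_hash"] = True, None  # single use
    return True


def verify_password(email: str, password: str) -> bool:
    """Login check against the stored hash; the plaintext is never retained."""
    user = USERS.get(email)
    if user is None:
        return False
    return hmac.compare_digest(_pw_hash(password, user["salt"]), user["pw_hash"])
```
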


This Crazy Fool

Dr Ian Scott
Croydon (and Gateshead), United Kingdom
Building Services Engineer (EngDesign), PhD in Physics (University of York), football fanatic (Newcastle United), open source enthusiast (mainly Mozilla)


© Ian Scott. All times are local UK time.