does it make sense to send password information during email communication from websites
Posted
by Samuel
on Stack Overflow
See other posts from Stack Overflow
or by Samuel
Published on 2010-06-18T03:34:32Z
Indexed on
2010/06/18
3:43 UTC
Read the original article
Hit count: 229
Most of the online sites on registration do send a link to activate the site and on any further correspondence with the end user they provide information about the site and also provide the login credentials with password in clear text (as given below)
Username - [email protected] Password - mysecretpassword
What would you do in such a case? From a usability perspective does it make sense to send the password information in clear text or should you just avoid sending this information. I was under the impression that most of the passwords are MD5 hashed before storing in the database and hence the service provider will not have any access to clear text passwords, is this a security violation?
© Stack Overflow or respective owner