Because I forget stuff. Part of norcimo.com
Originally posted March 14 2006 at 15:03 under Web. 0 Comments. Trackbacks Disabled. Last modified: 24 March 2006 at 01:01
If you’re a developer building some sort of user registration system, at what point does it seem to you a good idea to send an unencrypted confirmation email with the user’s password in plain text? This is just stupid. They just gave you the password; is it really that likely they’ve forgotten it already? Just show some respect to the password and don’t do it. It’s not just the possibility of interception across the web—odds are your site isn’t secure anyway—but it increases the possibility of somebody looking over the shoulder at a point where you really shouldn’t expect to see security information displayed (this is the exact reason that password fields display ******). The number of places which do this is amazing. Just don’t. Message over.
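What a confirmation email can carry instead of the password, as an added example (not code from this blog): a signed, expiring token that only proves the mailbox is reachable, while the password is stored as a salted hash. `SERVER_KEY`, `TOKEN_TTL`, the function names and the `example.invalid` URL are all assumptions made for the illustration.

```python
from __future__ import annotations
import base64, hashlib, hmac, os, time
from email.message import EmailMessage

SERVER_KEY = os.urandom(32)  # assumption: per-deployment secret, kept server-side
TOKEN_TTL = 24 * 3600        # assumption: confirmation links expire after a day

def hash_password(password: str) -> tuple[bytes, bytes]:
    """Keep only a salted PBKDF2 hash; the plaintext is never stored or mailed."""
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

def make_token(email: str, now: float | None = None) -> str:
    """Signed, expiring token that proves control of the mailbox, nothing more."""
    expires = int((time.time() if now is None else now) + TOKEN_TTL)
    payload = f"{email}|{expires}".encode()
    sig = hmac.new(SERVER_KEY, payload, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(payload + sig).decode()

def verify_token(token: str, now: float | None = None) -> str | None:
    """Return the confirmed address, or None if forged, malformed or expired."""
    try:
        raw = base64.urlsafe_b64decode(token.encode())
        payload, sig = raw[:-32], raw[-32:]
        expected = hmac.new(SERVER_KEY, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(sig, expected):
            return None
        email, expires = payload.decode().rsplit("|", 1)
        if (time.time() if now is None else now) > int(expires):
            return None
        return email
    except ValueError:  # bad base64, bad UTF-8, missing or non-numeric expiry
        return None

def confirmation_email(email: str, password: str) -> EmailMessage:
    """Register the user and build the mail; the password never reaches the body."""
    hash_password(password)  # a real system would persist (salt, digest) here
    msg = EmailMessage()
    msg["To"] = email
    msg["Subject"] = "Confirm your registration"
    msg.set_content(
        "Thanks for registering. Confirm your address here:\n"
        f"https://example.invalid/confirm?t={make_token(email)}\n"  # placeholder URL
    )
    return msg
```

Anyone reading the message over a shoulder or off the wire sees a link that expires, not a credential.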
© Ian Scott. All times are local UK time.