I agree with you that receiving your password via email in plain text is
a very bad idea. I thought of a password being encrypted in the email.
It is best not to forget your passwords, but if you have many different
passwords as I have, use an encryption tool or develop your own
as I have, and keep an encrypted record of all your pass words along with
the site(s) information. Note: For me to see my passwords, I use a program
that can't "run" in Windows. It must be real Dos mode, therefore I use an
On Mon, 01 Nov 2010 16:10:36 GMT, in alt.computer.security you wrote:
>On Sun, 31 Oct 2010 12:52:31 -0500, firstname.lastname@example.org wrote:
>> Note: Some web sites will send you your pass word via email, which is a
>>very good idea.
>Actually, this is a very bad idea ! Such an email contains your
>password in plain text, for (almost) anyone to see.
>While proper password handling requires that a password is never
>transmitted in plain text. (Compare: for security reasons, your
>screen usually echoos * for any password character you type :-)