[wp-hackers] Plain text Password?!

Jeremy Visser jeremy at visser.name
Mon Feb 1 11:30:29 UTC 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/02/10 22:26, Tiago Relvao wrote:
> I just received a mailing list memberships reminder from automattic.  It
> seems automattic is saving my password in plain text! Why?
> 
> I hope the mailman-owner would change this or, at the very least, stop
> sending me my password by e-mail.

Almost all public mailing lists behave this way. Indeed, this is the
default behaviour of Mailman.

Besides, you're probably concerned because you used one of your valuable
passwords as your mailing list password. Can I just say that is a Bad
Idea (tm).

If you leave the password field blank, an auto-generated throwaway
password is automatically generated for you when you subscribe.

And if you really are that emotionally attached to using one of your
valuable passwords as your mailing list password, you can simply turn
off the password notification e-mails on the Mailman options. :)

Cheers,
Jeremy.

Click on the link down below to change options...

   _
   |
   |
   |
   v

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAktmu1QACgkQvs6Qqs8TxBqrbQCgr9WDQV4XXH1fTAQ+YG9BW+rG
tOgAnR7B7uifsezp1i6KHO+l5zmwiw+r
=lHV2
-----END PGP SIGNATURE-----


More information about the wp-hackers mailing list