[wp-trac] Re: [WordPress Trac] #2870: Password handling improvements
WordPress Trac
wp-trac at lists.automattic.com
Tue Jul 11 16:11:36 GMT 2006
#2870: Password handling improvements
----------------------------------------------------+-----------------------
Reporter: markjaquith | Owner: darkfate
Type: enhancement | Status: assigned
Priority: normal | Milestone: 2.1
Component: Administration | Version: 2.0.3
Severity: normal | Resolution:
Keywords: bg|has-patch|needs-testing|2nd-opinion |
----------------------------------------------------+-----------------------
Comment (by masquerade):
Out of curiosity on a comparison of how many other web applications do
this, I searched my primary inbox for the past couple of years, a few
thousand mails, including everything I ever signed up for, for my
passwords. 9 results came up total, which I know is tiny compared to how
many places I have signed up for. A few offenders are dreamhost, newegg,
and a few other places I buy hosting from. Nothing from any forum,
blogging site, etc.
Really, to me, encouraging users to save their password in their inbox is
encouraging more and more lenient security policies. I'm not saying that
some fool might do it anyways, but we shouldn't facilitate people trying
to do something foolish, and anything that shows you the password you just
created is included. You should have to type it twice to confirm you know
the password, we shouldn't have to tell them what they just typed twice,
I'm pretty sure they know what they just put.
--
Ticket URL: <http://trac.wordpress.org/ticket/2870>
WordPress Trac <http://wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list