
Do not send the passwords in an email

After registration I received my password back in the welcome e-mail. Hmm... In the simple case it is just insecure. In the worst case it means that the password is stored in the DB.

foal, 31.07.2013, 10:51

Response from the site administrator

iiVoice, 12.08.2013
Thanks for the concern, we'll consider it.

Idea status: scheduled

Comments

sitterheim, 22.08.2015, 09:52
Oh ... my .... god!!

This needs to be on the very top of the list of issues. Seriously. You are even sending out the EXISTING password in PLAIN TEXT by email whenever someone goes through the "forgot password" process.

Now imagine the user used one of his "secure" passwords and now, thanks to you sending it as PLAIN TEXT over the Internet, it essentially becomes PUBLIC KNOWLEDGE.

It's really a no-brainer that any plain-text information is easily accessible even to non-hackers. I'm not just talking NSA here, it could technically and easily be anyone. More so, if someone already has "an eye on" said individual, for whatever reason.

At a minimum it should be REQUIRED to change the initial password you send out by email (really easy to do) and in addition the "forgot password" process should send a link by email where the person is REQUIRED to change his password (he shall never learn what the password is).

This is Internet Security 101, pretty basic and easy stuff really. Just because you run a business that (generally speaking) doesn't host sensitive information means you can mess this up THIS badly.

It is not up for consideration. It is plain and simple a NECESSITY!!!

OMG, again. :(

iiVoice, 26.08.2015, 16:46
It's not cool, we know that and will fix the issue as soon as we're able to.

sitterheim, 26.08.2015, 21:46
You knew it for at least two years based on your original reply (2013/08/12).

How much longer until you are "able to"? Arguing at this point that it's a matter of schedule is weak, to say the least. If you had any concern for your users' password security, you would have long fixed this.

I actually fear far worse than that because sending out passwords in plain text usually means that you are actually STORING the passwords in PLAIN TEXT in your database!

Which makes your services an EXCELLENT TARGET for hackers as they might get thousands of user logins and passwords essentially for free with one sweep. Given your lack of concern for user passwords, it's reasonable to worry that your network infrastructure itself is not protected all too well either (latest software updates installed? everyone using secure passwords? all user input properly filtered to prevent SQL injection and what not? ...).

So no ... you HAVE to be able to fix this ASAP!

There's no way around this. You're running several informer.com services which I presume means they'll have the same issue, and potentially thousands if not tens of thousands of users for whose password security you are responsible!

So ... if said hacker gets in, steals that data, there's two things going to happen:

- The hacker blackmails you.
- The hacker uses the user email & plaintext passwords to his own benefit. You and your users will not be aware of it until the damage is done.

This is not a threat. This is what most recently happened to my own webhost! And they were lucky to be blackmailed quickly after the breach, because they immediately informed their users to change all their credentials, and it's safe to assume that the hacker himself wasn't able to make money off all that information via other channels (i.e. it means the hacker wasn't able to or couldn't be bothered decrypting the salted hashed passwords or selling them to criminals).
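The flow the two sitterheim comments describe (salted password hashing so a database dump is not a list of logins, a "forgot password" link that never reveals the existing password, and a forced password change when the link is used) as an added illustration in Python. This is example code written for this thread, not informer.com's own; the in-memory dictionaries stand in for a database, and the e-mail step is assumed to carry only the token, never a password.

```python
import hashlib
import hmac
import secrets
import time
from typing import Optional

# Constructed in-memory "database" for the example; a real service would persist these.
USERS = {}          # email -> {"salt": bytes, "hash": bytes}
RESET_TOKENS = {}   # sha256(token) -> {"email": str, "expires": float}
TOKEN_TTL_SECONDS = 15 * 60


def _now(now: Optional[float]) -> float:
    return time.time() if now is None else now


def _hash_password(password: str, salt: bytes) -> bytes:
    # Salted, deliberately slow hash: a stolen table does not yield usable passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


def register(email: str, password: str) -> None:
    salt = secrets.token_bytes(16)
    USERS[email] = {"salt": salt, "hash": _hash_password(password, salt)}
    # The welcome e-mail only needs to say the account exists; no secret is mailed.


def verify_login(email: str, password: str) -> bool:
    rec = USERS.get(email)
    if rec is None:
        return False
    return hmac.compare_digest(rec["hash"], _hash_password(password, rec["salt"]))


def start_password_reset(email: str, now: Optional[float] = None) -> Optional[str]:
    """Return the token to embed in the reset link, or None for an unknown address.
    Only the token's hash is stored, so a DB dump cannot be used to hijack resets."""
    if email not in USERS:
        return None  # caller still sends a neutral "if this address is registered..." mail
    token = secrets.token_urlsafe(32)
    digest = hashlib.sha256(token.encode()).hexdigest()
    RESET_TOKENS[digest] = {"email": email, "expires": _now(now) + TOKEN_TTL_SECONDS}
    return token


def complete_password_reset(token: str, new_password: str, now: Optional[float] = None) -> bool:
    """Consume a single-use, time-limited token and set a NEW password.
    The old password is never shown to anyone, including the user."""
    digest = hashlib.sha256(token.encode()).hexdigest()
    entry = RESET_TOKENS.pop(digest, None)  # pop: a token can never be replayed
    if entry is None or _now(now) > entry["expires"]:
        return False
    salt = secrets.token_bytes(16)
    USERS[entry["email"]] = {"salt": salt, "hash": _hash_password(new_password, salt)}
    return True
```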
