I recently forgot my PINCHme password, and was a bit surprised to get the "forgot my password" email containing my full password in plain text.
Just googled around and saw someone else logged this on a site called Plain Text Offenders to highlight websites that store passwords in plain text.
http://plaintextoffenders.com/post/49556923541/pinchme-com-a…
i'm not surprised. the security on pinchme.com.au is woeful. their website doesn't even use something as basic as ssl! i can only assume they are incompetent. the other alternative is the don't give a stuff about the security of your personal information. all their emails come from overseas mail servers instead of mail servers located within australia. i shudder just imagining what their database security is like.
Interesting. Never thought to check the whois and madewith of a lot of those sites, but maybe I should.
I use Firefox addons, how do you check them?
Sucks, but not as bad as if it were an E-Mail or banking site. It's just address on that PM site. If you were required to give CC detals to PM then it would be a pretty big concern.
So many sites do this. I used to get annoyed and reply to sites that sent a 'Welcome to website' registration letters with username and PW in text. Now I just roll my eyes and delete it.
Yet another reason not to have same passwords, but we're lazy.
Never use same or similar PW of your E-Mail and banking as the rest of the sites like log ins for forums etc.