This thread is frustrating. Everyone seems more interested in nitpicking the specifics of what OP is saying and are ignoring that a forum sends you your password (not an automatically generated one) in an email on registration.

  • @[email protected]
    link
    fedilink
    2
    edit-2
    1 year ago

    It’s storing it in plain text in at least one third party’s database. Indeed, it’s not stored in plain text locally, it’s doing something much worse

    • Tempy
      link
      fedilink
      11 year ago

      But you are supposed to change that generated password as soon as you use it to login. Now I have no idea about these forums, but you’d expect the software to enforce that need to change

      • @[email protected]
        link
        fedilink
        11 year ago

        It’s still stupid because people reuse password. They shouldn’t, but they do. If it’s one time login, make it a token. There’s zero reason to ever email a password, period