• Log In
  • Sign Up
    • Yes, indeed. Security best practices are there for a reason, well known, and well understood. Not using them should probably be grounds for malpractice lawsuit.

      With that in mind, imagine my feelings when after forgetting the password to my (state owned) electricity co and clicking 'forgot my password' link, I got my original password, in cleartext, in my mail. :-)