password security

[dbring]

I just registered and was surprised that the confirmation email showed my selected password in the clear. My understanding is that this is not a good practice from the viewpoint of web/email security.

Thanks,

Dave Ring

[ERIC]

I just registered and was surprised that the confirmation email showed my selected password in the clear. My understanding is that this is not a good practice from the viewpoint of web/email security.

Thanks,

Dave Ring

Hi Dave,

First of all, welcome to HST! - and thank you for your input. I do see some merit in your suggestion. However, the forum software we use, phpBB, is one of the most common forum softwares found on the internet. This is the first time I've heard/read this type of complaint when it comes to the phpBB forum software, and I read the comments/suggestions forum on their own Website quite often. Also, most other forum softwares out there are very similar in design to phpBB. I could be wrong, but I do believe most include this same feature.

As a suggestion; I never use the same password(s) for message forums as I use for any of my truly "sensitive" online accounts (ex. banking, Ebay, TD Ameritrade, etc). However, what's interesting is that a number of the sites I use which would fall into the "sensitive" category send passwords via email. So either those sites are being really stupid, or this practice maybe isn't as big of a cause for concern as you think it might be.

In any case, I will post your suggestion on the developer area over on the phpBB site and see if anyone has any ideas for improvement.

Thanks again,

Eric