Ask HN: Should my domainhost be storing passwords in cleartext?
My domain provider asked me for the first four letters in my password when I contacted them on the phone earlier, to try and resolve a problem at their end.
Presumably that means they store passwords in clear text, right? If so - that's... well, bad - isn't it?
2 comments
[ 3.3 ms ] story [ 23.7 ms ] threadAnd there is the offending company, on line 4501.
https://github.com/plaintextoffenders/plaintextoffenders/blo...
Added in 2015.