What's the betting that the developers brought up the plaintext password problem at the time and were overruled?
I've lost this argument with PHBs in the past. They want to be able to send password 'reminders'. Sometimes they want to be able to look up users' passwords too.
Once they've made the decision to misfeature like this, nothing will change their mind: that would show weakness or fallibility.
I bet there's a developer somewhere in the UK right now who's glowing with a warm sense of I-told-you-so.
He wasn't "singling out" Tescos. I'd like to know who these unsourced critics are. Looks to me like another example El Reg inserting a bit of misinformation in their reporting...
3 comments
[ 3.8 ms ] story [ 16.1 ms ] threadIt didn't use to be. Time to sell your shares.
I've lost this argument with PHBs in the past. They want to be able to send password 'reminders'. Sometimes they want to be able to look up users' passwords too.
Once they've made the decision to misfeature like this, nothing will change their mind: that would show weakness or fallibility.
I bet there's a developer somewhere in the UK right now who's glowing with a warm sense of I-told-you-so.