While they probably do not store in plain text and are just encrypting/decrypting, they still are not following the best practices of hashing the password in a one-way method.
Of course, they also shouldn't be sending any password, even a newly generated one clear text in an email like that.
2 comments
[ 5.1 ms ] story [ 16.7 ms ] threadOf course, they also shouldn't be sending any password, even a newly generated one clear text in an email like that.