OT: Worthwhile *security-competent* web host?
Andrei Alexandrescu
SeeWebsiteForEmail at erdani.org
Sun Jan 25 13:51:28 PST 2009
Christopher Wright wrote:
> Andrei Alexandrescu wrote:
>> Never ever *ever* EVER *EVER* email a password in clear. I'd say, if
>> anyone thinks she wants to do that, she doesn't deserve a server that
>> understands basic security concepts, even if one existed.
>>
>> Andrei
>
> This isn't terribly important if you're only considering one system that
> does not require any significant amount of security.
>
> However, people reuse passwords, and sometimes they'll use the same
> password for sensitive and non-sensitive systems.
My point exactly. I do have one "insecure" password that I use e.g. with
mailing lists, and a "secure" password. The worst that happened was that
some webmoron has set up a system that asked me to choose a password via
a https protocol, to then email it to me in clear... When I tried to
casually explain the mistake of his ways, he got all combative.
Andrei
More information about the Digitalmars-d
mailing list