OT: Worthwhile *security-competent* web host?

[Andrei Alexandrescu]

Sergey Gromov wrote:
> Sun, 25 Jan 2009 13:51:28 -0800, Andrei Alexandrescu wrote:
> 
>> Christopher Wright wrote:
>>> Andrei Alexandrescu wrote:
>>>> Never ever *ever* EVER *EVER* email a password in clear. I'd say, if 
>>>> anyone thinks she wants to do that, she doesn't deserve a server that 
>>>> understands basic security concepts, even if one existed.
>>>>
>>>> Andrei
>>> This isn't terribly important if you're only considering one system that 
>>> does not require any significant amount of security.
>>>
>>> However, people reuse passwords, and sometimes they'll use the same 
>>> password for sensitive and non-sensitive systems.
>> My point exactly. I do have one "insecure" password that I use e.g. with 
>> mailing lists, and a "secure" password. The worst that happened was that 
>> some webmoron has set up a system that asked me to choose a password via 
>> a https protocol, to then email it to me in clear... When I tried to 
>> casually explain the mistake of his ways, he got all combative.
> 
> All my passwords are generated, and different.  When I acquire a
> password for a sensitive resource I make sure to change it to generated
> as soon as possible.

Now what password do you use for the file you keep all your passwords 
in? :o)

Andrei