I just signed up for Site5 Q&A (strange that I had to as I already have a hosting account) and I just got a rather disturbing automated email with my username and password completely in plaintext.
A system with good security would never even be able to show me my password in plaintext as it would be encrypted / hashed / etc when I put enter it for the first time and it would *never* stored in plaintext.
These days it’s not uncommon to hear of hackers breaching various companies and stealing user information. The thought of my password being available in plaintext on your servers honestly makes me question what other bad security policies you have. It really undermines any confidence I had in the company as a whole.
Why are Site5 Q&A account passwords sent in plaintext? Will this ever be changed? Are any other account passwords (namely hosting accounts) also stored in plaintext?