Author | Comment | |
---|---|---|
1. 2 Jun 2016 07:51 | ||
Don't you think in this day and age it is probably a bad idea not to provide an area to change your account password? Even worse, when you select the 'Forgotten password' section, you just email the current password in plain text o.O At the very least you should be storing salted hashes of our passwords. It should not even be possible for you to just grab the plain text form from your database and email it to us. |