Originally posted by ddraig
really, do you think you guys can NOT send the password we use via plaintext email, or perhaps you might want to WARN US that any password we use will be sent in plaintext and thus be world-readable?
I'm glad I did not use a password I use elsewhere.
Sheesh, talk about basic security.
This site holds no sensitive information. What's the big problem?
If you're serious about online security then you wouldn't have re-used a password anyway and also you'd understand that even if a site uses a double opt in policy so that no password need be sent via email then the site is only as secure as the people operating the site.
Having the best encryption systems in the world over the internet is like sending incredibly valuable things via Securicor (replace with a trusted courier of your choice) using an armoured truck to do business with someone that could be operating from a cardboard box in the middle of a public park.
Now I'm not suggesting that RHP in any way is not to be trusted - far from it. I'm saying that you need to get things in perspective if you think that sending you your password in an email (as a convenience for you) has somehow violated your privacy in any way. A lot of people will use their email as a way of reminding themselves of what they set their password to.
One only needs to go through the rigmarole of opaque communications (and all that that entails) when one has very
sensitive info to send and one absolutely
trusts the validity and integrity of the party receiving the information. Having said that, it still amazes me that people do not realize that the information sent in emails is the equivalent of things written on postcards - anyone can read them. Anyone.