[Ekiga-list] Passwords stored and sent unencrypted - Security problem

From: Patrik Lermon <patrik lermon gmail com>
To: ekiga-list gnome org
Subject: [Ekiga-list] Passwords stored and sent unencrypted - Security problem
Date: Sat, 18 Aug 2012 08:16:38 +0200

Greetings.

I'm not sure this is the correct list, but I just performed a password
reset on my ekiga.net account (here:
https://www.ekiga.net/index.php?page=forgot), and I was not very
pleased by receiving my password back in plain text.

This means ekiga not only stores my password (hopefully not in clear
text, but what do I know), but also chooses to send my password
unencrypted via mail. Ekiga should only store a hash, preferably
salted, and thus not send the password but instead offer me to reset
it and choose a new password.
I would like to get in touch with someone with the power to change
this behavior.

Best regards,
  Patrik

Follow-Ups:
- Re: [Ekiga-list] Passwords stored and sent unencrypted - Security problem
  - From: Eugen Dedu

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]