I suggest you ...

Do not store our passwords as plain text.

I signed up and went to change my password. For reasons which I will file a separate bug for, directly after I had to click on the "Lost Password" link on the login page. I was very surprised to find that the email I received contained my password in plain text, meaning that you aren't running it through a one-way hashing algorithm. C'mon guys, this is Web101 stuff here.

24 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Shawn DellysseShawn Dellysse shared this idea  ·   ·  Admin →

    0 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...

      Feedback and Knowledge Base