On May 19, 11:57 pm, "D'Arcy J.M. Cain" <da...@druid.net> wrote: > I hear you but I'm not so sure that that is an absolute. There are > many applications that allow you to have your password emailed to you. > For something with low risk that's perfectly acceptable.
Having -any- password stored in plaintext is unacceptable. I'm pretty sure I'm not the only person who uses a simple algorithm to generate passwords based on context. If you're running a site and you're not going to bother to secure my credentials, I'd hope you'd at least mention that at sign up so I could adjust my behaviour as appropriate. -- http://mail.python.org/mailman/listinfo/python-list
