This thread is frustrating. Everyone seems more interested in nitpicking the specifics of what OP is saying and are ignoring that a forum sends you your password (not an automatically generated one) in an email on registration.

  • @MajorHavoc
    link
    21 year ago

    Using “we use a reversible hash” to claim “we don’t store passwords in plain text” is the “corn syrup is not sugar” of the cybersecurity world.

    It’s technically correct, while also a bald faced lie.

    • @poopsmith
      link
      11 year ago

      Not sure what you mean here, this is what the forum post said:

      After emailing (admittedly not current best practice), the passwords are hashed and only the hash is stored.