Hacker News new | past | comments | ask | show | jobs | submit login

Still, you can have your passwords very securely stored in bcrypt AND mail the plain text out when the account is created. If your email isn't secure that should really be dealt with, and separately.



No. E-mail is an unencrypted, unauthenticated protocol; how could sending out plain text passwords over a plain text protocol ever be a good idea?




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: