
There is NO SECURITY DOWNSIDE to emailing a user's password to them vs. having some multi-step reset procedure.

One downside is that the email can later be found and used by an attacker, whereas the multi-step procedure generally relies on information not present in the directions (such as a birthdate or secret question). An attacker who gains access to the email at a later point (not just intercepted) can gain access to the account without further effort or risk.

Another downside is that exposing the password in plaintext allows the attacker to gain access to other accounts on other systems where the user has used the same password. In contrast, the multi-step approach must be used against every site.

To say that there is 'no downside' is to say that there is no problem with storing passwords in plain text on your server, because if an attacker has gained access to your server they already have access to your accounts. Possibly true, but this ignores the irresponsible and anti-social aspects of exposing a user to further attacks.
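As an added illustration (not part of the thread), the following hypothetical `PasswordResetStore` shows why a multi-step reset does not share the first downside above: the mailed token is random, stored only as a digest, expires after `TOKEN_TTL_SECONDS`, and is consumed on first use, so an e-mail found afterwards yields nothing. The class, TTL and user id are constructed for this example.

```python
import hashlib
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60  # reset links stop working after 15 minutes


class PasswordResetStore:
    """Hypothetical server-side store for password-reset tokens.

    Only a SHA-256 digest of each token is kept, so a leaked table does not
    contain usable tokens, and every token is single-use with a short TTL.
    """

    def __init__(self, now=time.time):
        self._now = now
        self._pending = {}  # token digest -> (user_id, expires_at)

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, user_id):
        token = secrets.token_urlsafe(32)  # 256 bits of randomness
        expires_at = self._now() + TOKEN_TTL_SECONDS
        self._pending[self._digest(token)] = (user_id, expires_at)
        return token  # goes into the e-mail; never stored in the clear

    def redeem(self, token):
        """Return the user_id for a valid token and consume it, else None."""
        entry = self._pending.pop(self._digest(token), None)  # single use
        if entry is None:
            return None
        user_id, expires_at = entry
        if self._now() > expires_at:
            return None  # link outlived its TTL
        return user_id


def demo_found_email_later():
    """Constructed scenario: legitimate reset, then two 'found e-mail' attempts."""
    clock = [1_000_000.0]  # fake clock so expiry can be demonstrated offline
    store = PasswordResetStore(now=lambda: clock[0])
    token = store.issue("alice")
    first = store.redeem(token)   # user follows the link right away -> "alice"
    replay = store.redeem(token)  # same mail found later -> None (consumed)
    token2 = store.issue("alice")
    clock[0] += TOKEN_TTL_SECONDS + 1
    stale = store.redeem(token2)  # unused link found after TTL -> None
    return first, replay, stale
```

Contrast this with a mailed plaintext password, which stays valid for as long as the user keeps it and works anywhere the same password was reused.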
