This thread is frustrating. Everyone seems more interested in nitpicking the specifics of what OP is saying and are ignoring that a forum sends you your password (not an automatically generated one) in an email on registration.
This thread is frustrating. Everyone seems more interested in nitpicking the specifics of what OP is saying and are ignoring that a forum sends you your password (not an automatically generated one) in an email on registration.
Than direct it at the service provider? Oh wait it got fixed a while ago.
Also where does their liability stop? Should they also just assume everyone is compromised? Where does the users onus come into play? I guess they shouldn’t send password resets than, since they should assume that their email is compromised already….
Yeah that’s actually a terrible idea if they must assume that they must protect everyone. Sorry can’t reset your password your email must be compromised.
This is slippery slope bullshit and you know it. I’m not saying providers should have to magically prevent anything. I’m only saying they shouldn’t send you your password in an email. Crazy take, I know.
Also, with regards to it already being fixed or not, when I made this thread I hadn’t seen anything about that in the other thread. I’m more just annoyed that people want to dunk on people with supposed gotchas while acting like sending a password in an email is okay somehow.
No it’s not slippery slope in this case, it’s what you’re suggesting and why it’s utter bullshit. But yes of course that’s the obvious defense to take there.
You’re not only saying that, you said that they need account for everything. Two totally different things. Can’t have X and not have Y.
Sending a password is okay in quite a few scenarios, you’re talking to broad again her. Also, maybe make sure you know the story before jumping on as well…? You’re making the issues worse not better.