Linden
17-07-2015, 04:54 PM
here is the note I sent to MA this morning ... (cc MNSW StGeorge)
No response 9 hours later
Good morning
Regarding the MA RideNet site
As a long time Computing Specialist I was very concerned to see that
1) you store user passwords
2) you send passwords in plain text via email (and include user id in
the same email)
3) you email the above WITHOUT prior request
Given the additional details you store this places anyone who uses you
site at great risk of serious identity fraud
Please feel free to call me to discuss or have a look at something like
http://plaintextoffenders.com/faq/devs
Linden ROTH
Any other IT people (and others) care to comment
No response 9 hours later
Good morning
Regarding the MA RideNet site
As a long time Computing Specialist I was very concerned to see that
1) you store user passwords
2) you send passwords in plain text via email (and include user id in
the same email)
3) you email the above WITHOUT prior request
Given the additional details you store this places anyone who uses you
site at great risk of serious identity fraud
Please feel free to call me to discuss or have a look at something like
http://plaintextoffenders.com/faq/devs
Linden ROTH
Any other IT people (and others) care to comment