The login form is currently unprotected -- should post to an SSL-protected login form. Similarly, users should not receive passwords via email after signing up (or ever).
yes - *very* poor security practice, especially emailing passwords in the clear. 'Beta' is no excuse, security should come first.
It's a food website - why does it need to be secure? There's no financial or personal information gathered.
Many people use the same login info for multiple sites. I think it's poor netiquette to send passwords in plaintext.
Plus, there's always the chance of a malicious person posting under someone else's name. I would hate to be the one who's kicked off of Chowhound because a spammer started posting offensive or junk material using my name and password.
Yup, what he said.
Most Recommended Discussions on Site Talk
May 22, 2013
UPDATED about 1 hour ago
Need an email address please
UPDATED about 15 hours ago
Message Index on iPhone
UPDATED about 19 hours ago
UPDATED about 22 hours ago
UPDATED 1 day ago
Creative Taco Ideas from Chowhound
See All 10 Recipes »
About/Contact CHOW |
CBS Entertainment | About CBS Interactive | Jobs | Advertise