Does a web send you your password without protection? Report to Plain Text Offenders

Surely you have seen in the situation of signing up for an online service or creating a personal account on a web page, and within seconds receive an email with your user data, including your password, such as, In plain text.

This practice poses a huge security risk, because no matter how secure your passwords are, or even if you use a password manager, if a service stores them as such and sends them by email in plain text, they are available to any cybercriminals, You will not have to bother or decipher them.

Does a web send you your password without protection Report to Plain Text OffendersFed up with this impunity and this lack of security, Igal Tabachnik and Omer van Kloeten decided to create the Plain Text Offenders website, with the idea of collecting all those emails sent by online services and Web pages with the passwords of their users as is, in view of anyone who receives the message.

The web can not be simpler: just enter it you can see the last examples of a poor management of passwords provided by users around the world, along with a sidebar that allows you to browse different sections of the web.

Among these sections you have, of course, the form to send your contribution (if you ever receive a password under these conditions) and, curiously, a section especially dedicated to developers, which answers questions raised by them on a regular basis.

Another curious section is that of Reformed offenders, in which there is a list of pages that managed their passwords without any security, were denounced in Plain Text Offenders and from that moment they improved their security policy with respect to The passwords of its users.

A web, as we said, very simple, but also teaches an important lesson : the security of passwords is not only a matter of the user, but also of the online services to which it is entrusted.

Leave a Reply

Your email address will not be published. Required fields are marked *