Quote:
Originally Posted by mtn335
I'm glad to hear this. It's still not as good as a hash - encryption can be and is compromised, as it more or less depends on keeping the host's internal network (and thus the key) secure - but it's better than plaintext. They still shouldn't be sending people passwords in the open, though. Much better a controlled-and-timed reset link.
|
Agree...and I've done it that way for years. Flattering to be copied.
