You know the drill.
- Signup for some random service on the internet
- Receive a confirmation email with your account information
or
- Forget a password for some random service on the internet
- Receive an email with your current password
In today’s day and age, I’m not aware of any good reason why we (the services) should be transmitting user credentials (namely their passwords) in an email. The HBC Run For Canada site was the latest example I ran into. If I go to the bank and tell them I’ve forgotten my PIN, are they going to verify my identity and just tell me my old pin or require me to specify a new pin? I suspect the later.
Bearing in mind that I’m slightly more technical than most people but I don’t expect any service to store my password in plain text let alone be able to provide it to me on-demand.
We’ve already got infrastructure for single-use reset password URLs, hints, etc. so let’s use them uniformly. Nothings perfect but depending on your particular audience, something like OpenID could very well be a nice solution to end-user authentication.
-
Win7, nice to meet you. I hate to admit it but I’ve been running Vista on a desktop machine at home for the better part of the past 8 months. It has not been ...
-
Windows Live Writer isn’t bad Until recently, the bulk of my writing was done on a Mac using Ecto. I was looking for a suitable publishing tool for Windows and was directed towards ...
-
Pet Peeve: Don’t email my password to me in plain text You know the drill.
Signup for some random service on the internet
Receive a confirmation email with your account information
or
Forget a password for some random service ...
-
Eclipise Memory Analyzer (MAT) I must say the Eclipse Memory Analyzer looks pretty slick. There is some pretty good material over on the developers blog. Lastly, there was a talk on it ...
-
Open-source Web-based Code Review Tool: Rietveld Guido van Rossum, of Python fame, has recently released a Django-based application that enables web-based code reviews... Rietveld.
It supports any language and currently can hook into Subversion repositories. You ...
Latest Entries
- Hibernate Scalability Talk
- Win7, nice to meet you.
- Good-bye Exchange, it was nice knowing you (I hope)
- Framework misuses are still your bugs.
- "No matter how cool your interface is, less of it would be better."
- Ribs ribs ribs RIBS!!!!
- Great Article on David Kelly
- Windows Live Writer isn’t bad
- Playing around with Rails again
- Lessons Learned as a Project Lead
Blogroll
No Comments
Leave a Comment
trackback address