-
Website
http://bobcaswell.com/ -
Original page
http://bobcaswell.com/2007/03/15/pet-peeve-why-do-companies-still-send-me-my-password-through-email/ -
Subscribe
All Comments -
Community
-
Top Commenters
-
frivmo
7 comments · 3 points
-
Seo Singapore
2 comments · 93 points
-
SEO
3 comments · 9 points
-
Xephrey
3 comments · 1 points
-
Janette Toral
1 comment · 11 points
-
-
Popular Threads
-
Practically Idea Episode 2: Politics, Tech, & Movies
2 weeks ago · 6 comments
-
Practically Ideal: A New Podcast I’m a Part Of
3 weeks ago · 5 comments
-
Practically Idea Episode 2: Politics, Tech, & Movies
That said, the "correctness" of selected feature is a balance between benefit and risk. For most people e-mailed passwords offer a risk is lower than the convenience. The real issues are 1) risk and benefit are arbitrary and individually defined by the user, not the website creator and 2) no alternative risk/benefit choice is offered by the website creator. In the first case the problem space is ignored and in the second the solution space is ignored.
I've used websites where e-mailed passwords were *not* used for password recovery and the chosen alternative was so onerous compared to the value of what I was trying to get done that the *lack* that e-mailed passwords both incensed me and reduced the value of use the website to me.
Emailing passwords is bad form, especially if you can't opt-out of the password being emailed to you.
And J, to quibble a bit, I have to say that I don't necessarily agree that "the core problem is to use the same password everywhere." The problem I'm talking about (passwords being emailed) would still be the exact same problem even if I picked a brand new password exclusively for my new login. If I care anything for my privacy / security, I don't want it emailed to me, plain and simple.
Anyways, I don't care even a few companies do that because it's my habit to use a 5 to 8 characters long password during the signup process. No matter if it's a big company like IBM or a new startup, I do change my password after receiving the account activation email.
Even in the current Web 2.0 era, I've experienced a few Web 2.0 startups sending passwords included in their account activation email. They really need to understand that this is the year 2007!
http://passpack.wordpress.com/2007/04/06/how-sa...
An online Password Manager that sends you your master password via email. (I know it's not nice to point a finger like this, but I'm honestly shocked)