Geocaching.com Storing Plaintext Passwords
I completely found myself in shock earlier today when I had to use the ‘forgotten password’ feature on geocaching.com. To my complete amazement, they emailed my password back to me in plaintext. Now, bearing in mind that most of their site is basic in features I’m sure they haven’t generated their own two way encryption so that means they’re storing passwords plaintext which in this modern age is suicidal.
I simply couldn’t believe it, I hope they can prove me wrong but I’m almost sure they storing them plaintext. Please, someone from geocaching.com contact me and tell me you have some space age encryption going. Until then, I’m changing my password to something retarded.