joined:Mar 2, 2009
Got the feedback email, went to login, but I forgot which password I used to sign-up with. No problem, I used the lost password form.
The problem is, when the email arrives, instead of a reset link, I see my password starring at me in plain text.
I'm not suggesting you take security lightly, but storing passwords in the clear is a disaster waiting to happen.
I realize implementing hashing would be a big task, but it really has to be done IMO.