

Nic.io stores administrative passwords in plaintext - cemerick
https://www.nic.io/mailpass.html

======
cemerick
I would have thought a domain registry wouldn't do something so egregiously
stupid.

Oh, wait, a domain registry seems like _exactly_ the sort of org that would do
something so egregiously stupid. :-(

------
pavel_lishin
Are you absolutely certain that it's not just bad phrasing? Perhaps they're
generating a new password, and mailing you that one.

(I'm not a nic.io customer, and I don't want to bother registering, so I can't
check.)

~~~
cemerick
I was hoping for something (more) sane like that, yes. I verified it though —
and yes, the original password is returned, clear as day.

