

Ask HN: Should we name and shame companies that send passwords in emails? - bbody

I recently signed up to a website and they sent me the password I signed up with back in a confirmation email to me.<p>It isn&#x27;t the first time I&#x27;ve seen this, however this website seemed quite legit. I didn&#x27;t use my normal password but I came close to, so I am angry. Not only this, but the confirmation email was CC&#x27;d to some Gmail address.<p>It seems that in 2015 sending plaintext passwords back to people shouldn&#x27;t be happening. Should we name and shame websites that do this?<p>Edit: Added in fact the email was forwarded to someones Gmail address.
======
OmgImAlexis
I send stuff into this blog.
[http://plaintextoffenders.com/](http://plaintextoffenders.com/)

