They don't need to have your password in plaintext to verify it. They could just... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Fargren on Aug 14, 2012 \| parent \| context \| favorite \| on: 1and1 ask for passwords over the phone They don't need to have your password in plaintext to verify it. They could just type it to verify it at their end. Asking for it is still bad practice, though.

timrogers on Aug 14, 2012 [–]

Agreed. They may or may not store in plain text, that remains to be seen. Regardless, this is bad practice.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact