[olug] Why does OLUG use plain text passwords?
justin at hotlinesinc.com
Tue May 1 15:50:28 CDT 2018
or change the emailed password to a hardcoded string of hunter2
On Tue, May 1, 2018 at 3:40 PM, Ben Hollingsworth <obiwan at jedi.com> wrote:
> Can we at least stop emailing out the plaintext passwords every month?
> On May 1, 2018 3:11:38 PM CDT, Benjamin Brinkman <ben at benjaminbrinkman.com>
> >I get that mailman has been the de facto standard for free software
> >projects for a long time, but there has to be a more secure
> >alternative by now. It's good that mailman is so ubiquitous because
> >that's a testament to its stability, but surely someone else has
> >achieved that along with better security by now.
> >I have never run a mailing list so I have no specific suggestions.
> >Just pointing out that new things can emerge over time.
> >On Tue, May 1, 2018 at 1:05 PM, Rex Dieter <rdieter at gmail.com> wrote:
> >> It's just standard mailman (mis)feature/bug.
> >> -- rex
> >> On Tue, May 1, 2018 at 2:57 PM Sasha Karcz <sasha at karcz.me> wrote:
> >>> In the olug.org mailing list memberships reminder emails, we get
> >sent our
> >>> email address as well as our password. This implies that olug stores
> >>> passwords in plain text. Why in 2018 are we doing that?
> >>> Sent with [ProtonMail](https://protonmail.com) Secure Email.
> >>> _______________________________________________
> >>> OLUG mailing list
> >>> OLUG at olug.org
> >>> https://www.olug.org/mailman/listinfo/olug
> >> _______________________________________________
> >> OLUG mailing list
> >> OLUG at olug.org
> >> https://www.olug.org/mailman/listinfo/olug
> >OLUG mailing list
> >OLUG at olug.org
> Ben "Obi-Wan" Hollingsworth
> obiwan at jedi.com, http://www.jedi.com
> OLUG mailing list
> OLUG at olug.org
More information about the OLUG