Plaintext password offender:

less than 1 minute read | Suggest an edit | Issue? Question?

I recently created an account at Yanko Design (they have some neat stuff I wanted to further explore).

The welcome e-mail I received was as follows:

Yanko Design welcome e-mail

Yep, that’s my password, in plaintext. Luckily I used a throwaway, but still, come on. What’s it going to take for merchants and e-commerce platforms to do better than this?


Leave a comment