Website security and Emailing Passwords

As I was sitting in Pat Hynds phenomenal presentation on ASP.NET Security at VTdotNET last Monday, I started thinking about how people work SO hard to secure websites with password protection but then almost every website will email you your login and password. If we spend so much time worrying about people “hopping on” to authenticated HTTP transports, don’t those same people have the ability to read/grab/reroute our emails? Maybe the answer is “no” and everything is still right with the world, but it sure did make me wonder.

  Sign up for my newsletter so you don't miss my conference & Pluralsight course announcements!  

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.