About

A website storing a password in plain text means that your password is there, waiting for someone to come and take it. It doesn’t even matter if you’ve created the strongest possible password. It’s just there.

Whether it’s someone hacking into their servers, using a simple flaw in their site or even stealing their backups, over 30% of sites store plain text passwords.

We’re tired of websites abusing our trust and storing our passwords in plain text, exposing us to danger. Here we put websites we believe to be practicing this to shame.

Found a text offender? Found a site that you use on the list? Got any questions? Read our FAQ on what to do next.

Are you a developer? We’ve got an FAQ just for you.

Created by @hmemcpy and @omervk.

Photo by Michael Reidel cc-by

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License.

Short URL for this post: http://tmblr.co/Zy4yby
blog comments powered by Disqus