About

A website storing a password in plain text means that your password is there, waiting for someone to come and take it. It doesn’t even matter if you’ve created the strongest possible password. It’s just there.

Whether it’s someone hacking into their servers, using a simple flaw in their site or even stealing their backups, over 30% of sites store plain text passwords.

We’re tired of websites abusing our trust and storing our passwords in plain text, exposing us to danger. Here we put websites we believe to be practicing this to shame.

Found a text offender? Anonymously submit it to us and put it to shame!

Are you a developer? Read about what you can do to solve it on your website.

More reading on why even just sending the password via email without storing it in plain text is bad.

Created by @hmemcpy and @omervk.

Photo by Michael Reidel cc-by

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License.

Short URL for this post: http://tumblr.com/Zy4yby
blog comments powered by Disqus