-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Okay :)
I agree with you, but i got a "common pwd" that I use on some websites where i don't log in frequently (if I forget the pwd, that's the first I try), so that was convenient. But yeah, i'm gonna change that pwd. I am still convinced this is a security breach, even if that's not a very important pwd as you pointed out. Just imagine a "pirate" that knows that the pwd is sent every month. He knows he just has to wait some weeks intercepting every sent mail. Anyway, thanks for the (very quick) answers :) Félix Piédallu Président du Club Robotronik Phelma 06 51 41 32 48 Manjaro Linux. Feel the freedom. On 13/06/2015 20:00, Ben Oliver wrote: > On 13 Jun 2015 6:52 pm, "G. Schlisio" <g.schli...@dukun.de> wrote: >> >>> Hi there ! Just new here. And I've been informed that >>> "Normally, Mailman will remind you of your archlinux.org >>> mailing list passwords once every month". Does it mean the >>> passwords are saved somewhere ?! That means that my password is >>> sent periodically. That's not the only account for which I use >>> this password. That is a HUGE security breach. Please, change >>> that system. >>> >>> And by the way, hello there, fellow arch users and devs ;) >> >> hi and welcome aboard arch! >> >> concerning your issue: you probably have heard the advice to use >> different passwords everywhere? also: the mailinglist password is >> not that important. it merely controls your subscription, so no >> sensible data is secured with it, it just prevents random people >> from fiddling with your subscription. that brings me to my next >> point: arch uses a software called mailman here, a mailinglist >> managing tool used widely on the interwebs, reviewed many times. >> you can also opt-out of receiving this reminder in your >> subscription options (protected by this password). >> >> i hope you see that this is not an security issue, but perhaps >> you want to change you maiman-password. >> > > I have to second this. Use a password manager and generate > different passwords for everything and you don't have to sweat it > if a password gets leaked (especially something non essential like > this). > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJVfHpBAAoJEMJ1NtNxTzOfoRcQAK/tO2E/fwE4AsXufLC953Gp FbUxPa9sLU+54wwiPdVpjI4PjGOm71sx4o4bUlvcWptVP2OJV9H7HTQRZb/3P3o0 mz6/GvY/t9M7/5D5LZAfzxP0CSvXoBYkrQETBdaNDPiUuAxYjiraw46qdYJbzXt3 P/ri/TTJ4WE9YEEwh9fpdg7kHB6EJvdDG33GGhRYQIb6MmkmP+rpOR9bUI2vl+EP DJTf8IvhFUEsvmTgz1ct74yL/ZT2XvWprXI2AvNjgnH6/jmTxREeeh/HPYGFUWj6 j3+SWjTKzTIq7VUn63tC1whel30jJDyBw9IoECN6QQ6ztdzKJY2zRp0prpHsOe0u yj5QkDRxe79yMuVQTNjuFryTrUA3EnpNbRED23qi+fkBz5GM0s992pnupV0z5qLr 8HlXywvItL2XPZkTecmOoK5S1yY8xu1pd0vc9od1nqJ3u6g8u8a+kEj7DzVnn6py y4haTcn7lK+FadpRoTnJLZNCHK7BH4s+DDQ/JgV1alunaKaBuDXIdKP8clvZKeUK LzAOd2IOY2xsI28n/eemXedPFgKpqSd5fj3bH5Y5bplDQ9jOQMHURO93xvF7fcsT NXaww4FJKKyIslukNY0DIUYrUIrnFpC+2N8YHNMdiv801o6cXKq9uLk9E2JRg4Ed heWYbkbp2UOAV6X8WaMh =Ekqk -----END PGP SIGNATURE-----