Greetings.

I'm not sure this is the correct list, but I just performed a password
reset on my ekiga.net account (here:
https://www.ekiga.net/index.php?page=forgot), and I was not very
pleased by receiving my password back in plain text.

This means ekiga not only stores my password (hopefully not in clear
text, but what do I know), but also chooses to send my password
unencrypted via mail. Ekiga should only store a hash, preferably
salted, and thus not send the password but instead offer me to reset
it and choose a new password.
I would like to get in touch with someone with the power to change
this behavior.

Best regards,
  Patrik
_______________________________________________
ekiga-list mailing list
ekiga-list@gnome.org
https://mail.gnome.org/mailman/listinfo/ekiga-list

Reply via email to