As a new member of the community, as well as a newly registered member on the forum and mailing-list, I want to thank all of you for the work done in developing and maintaining OpenERP. However, and before I go any further, I would like to discuss a major disapointment I had while registering.
To make a long story short, and not to bore you with useless details, I think it is unacceptable for a leading high-tech community to still store the password of their members in an uncrypted manner. After registration (both to the mailing-list and the forums on the website), I had a confirmation e-mail sent to me with my password written in full letters. Nevermind the fact that admins can now look freely at my password (which is a moral violation), any intruder could do the same! Do I have to worry about the safety of a system I am unfamiliar to, let alone the integrity of its administrators? It is common practice to encrypt passwords before storing them. It is time (we're in 2010) this community implemented it. Just my 2 cents. -------------------- m2f -------------------- -- http://www.openobject.com/forum/viewtopic.php?p=51674#51674 -------------------- m2f -------------------- _______________________________________________ Tinyerp-users mailing list http://tiny.be/mailman2/listinfo/tinyerp-users
