Don't Store Customer Passwords in Plaintext
I just received the signup email for a Write Beta account and you have sent me my password. It means you are storing passwords in plaintext. Seriously?
Please respect customers' data and add some sort of security for storing user passwords.
We do not store passwords in plaintext! We accept 6 to 30 symbol passwords, which are hashed using SHA-512 with a 24-byte salt randomly generated for each user.
The welcome email is in fact sent before we put data into the database, which is not good (whoever has access to your email could have access to your Write! account) and we will remove the password from the welcome email shortly (I expect within 24 hours.)
We are aware it’s 2015 outside and we do take data security seriously.
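A sketch of the signup flow the reply above describes, with a per-user 24-byte salt, a SHA-512-based hash, and a welcome email that never receives the password. This is an added example, not part of the thread and not Write!'s code. The reply does not say how salt and password are combined, so the use of PBKDF2-HMAC-SHA512, the iteration count, and the names `sign_up`, `verify` and the in-memory `users` dict are assumptions.

```python
import hashlib
import hmac
import secrets

SALT_BYTES = 24           # per-user salt size stated in the reply
MIN_LEN, MAX_LEN = 6, 30  # password length limits stated in the reply
ITERATIONS = 210_000      # assumption: the reply gives no iteration count


def hash_password(password: str, salt: bytes) -> bytes:
    # Assumption: PBKDF2-HMAC-SHA512. The reply names only SHA-512 and a salt.
    return hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, ITERATIONS)


def sign_up(users: dict, email: str, password: str) -> str:
    """Store a salted hash for the user and return the welcome email body."""
    if not MIN_LEN <= len(password) <= MAX_LEN:
        raise ValueError("password must be 6 to 30 characters")
    salt = secrets.token_bytes(SALT_BYTES)  # fresh random salt for each user
    users[email] = {"salt": salt, "hash": hash_password(password, salt)}
    # The email body is built from the address only; the password is never
    # handed to the mail template, so it cannot leak through the mailbox.
    return f"Welcome, {email}. Your account is ready."


def verify(users: dict, email: str, password: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    record = users.get(email)
    if record is None:
        return False
    candidate = hash_password(password, record["salt"])
    return hmac.compare_digest(candidate, record["hash"])


if __name__ == "__main__":
    db = {}  # constructed in-memory stand-in for the user table
    print(sign_up(db, "alice@example.test", "correct horse 42"))
    print(verify(db, "alice@example.test", "correct horse 42"))
```
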
Got this as well. If you want us to pay please change this...
This is a huge security flaw. Famous case with Tesco.