May 11

The Idiocy of Emailing Plaintext Passwords

Security Add comments

Imagine you are at a cocktail party.  You are having a private conversation with someone you thought was a trusted business associate.  You lean forward and whisper confidential information in his ear.  He immediately repeats what you said aloud.

Your secret may not be exposed – depending on whether anyone is within earshot – but this person has violated your trust.  You are unlikely to share any more secrets with him.

This is what it’s like when a website or online store emails your password in plaintext.  The vendor has violated your trust and called into question whether you should continue to do business with them.

Plaintext Passwords are Bad Business

It’s always shocking to see your confidential information out in the open.  You may take great care to create strong passwords, store them securely, and provide passwords only over secure connections:

Secure Login Form

Then a clueless vendor emails your password in plaintext:

Email with plaintext password

Unfortunately, in spite of many recent security breaches involving plaintext passwords, some vendors still follow this bad practice of storing and sharing confidential information unencrypted.  There’s even a website devoted to these “plaintext offenders.”

Email is Not Secure

Email as a technology is somewhat secure, but there are many points of failure in its security chain.  Email is often stored or cached on several systems along the way to your inbox.  Some users leave their email program open when they step away from their computer.  Spouses and companies may snoop in email.  An experienced hacker can crack an email account.  And some online email services save your messages for years, even if deleted. 

Thus, vendors should never send confidential information over email.  This includes passwords, credit card numbers, and social security numbers.

If You Are an Online Customer:

  • Use truly random passwords that include upper and lower case letters, at least one number and one symbol. 
  • Passwords should be at least 8 characters long, but the longer the better.
  • Use a different password for each website.  Do not use patterns or words.
  • Store your passwords in a secure password manager, such as TrueCrypt.
  • Always logout from websites and lock your computer when you step away.
  • Complain to any website that emails your password plaintext.

If You Are an Online Store or Website:

  • Never email passwords (except for temporary reset passwords that must be changed at the next login).
  • Never store passwords or other confidential information in plaintext anywhere on your website or databases.  Store a salted hash value instead.
  • Put a technical person in charge of owning and reviewing your online security.  You can bet the hackers are smarter than you, so also consider hiring outside expertise.

More Discussion

Share and Enjoy:
  • Twitter
  • Facebook
  • Reddit
  • LinkedIn
  • Digg
  • DotNetKicks
  • StumbleUpon
  • Slashdot
  • Technorati
  • Google Bookmarks
  • Print
  • email

Article published on May 11, 2011




Leave a Reply