top | item 7927422

(no title)

lyndonh | 11 years ago

> If someone were to hack into any mail account, all they need to do is search for ‘password’ and they have all of the user’s passwords.

Only if you're dumb enough to not delete any password emails.

Granted, preferable any site sending you your password in an email should either send a reset link or "your password is 'red*'"

discuss

icebraining|11 years ago

Only if you're dumb enough to not delete any password emails.

You delete it from your MUA, but how can you be sure that it wasn't stored in any of the intermediate servers?

lyndonh|11 years ago

The natural assumption is that the hacker has got your password, not hacked gmail or hotmail, etc.