Activision has denied storing Call of Duty Elite passwords in plain text - but has admitted emailing them to customers in plain text form when they ask to recover them.
It not even that serious.
Totally agree, sites i've used in the past have sent me my password in plain text before (after forgetting my password). Usually they send it the instant you request it, then you read the email and instantly delete it. I have no problem at all with this method
Except that means anyone can intercept your email and get your password. Email is not a secure method of transmitting sensitive information. Activision should definitely use a one way hash with a strong salt to secure the data. Encryptions can be broken, and even hashed data can be recovered to some degree. This is poor security from Activision and should not be accepted by consumers!
Yeah it isn't even serious. I agree with both of you. @gamingdroid It's only bad if they know your email and password. So I don't see why it is poor security. A lot of websites does this method.
"It's only bad if they know your email and password. So I don't see why it is poor security. A lot of websites does this method." Honestly it's safer if a website has it changed in their database than linking to an email. It's nothing to throw a hissy fit over however.
It seems you guys aren't familiar with email "technology", but all email is sent in plain text and travels over multiple unsecure servers on the internet. Anyone of those can pick the username/password from the data packet. It's NOT a secure method of communication period. A lot of sites does it does NOT mean it is safe! That is why you NEVER send credit card information over email (although people do). The proper way to do it is to send a link, that has an expiration date if it isn't super sensitive.
Why store stuff in plain text, it costs you nothing to salt and hash.
N4G is a community of gamers posting and discussing the latest game news. It’s part of NewsBoiler, a network of social news sites covering today’s pop culture.