Last Updated: February 25, 2016
· austinkeeley

The worst way to store user passwords

Earlier this week, I needed to log in to a website (which shall remain nameless), but I forgot my password. Not a problem; there was a nice "Forgot your password?" link. I entered my email address and waited a few minutes for a message with instructions on how to reset it.

To my surprise, the email did come... with my username and password in plaintext.

Here's two reasons why this is really, really bad:

#1. They just sent me my account credentials in plaintext over email. Not a link to reset my password, not a link to answer some security questions, but my username and password right in front of my face. This is bad.

#2. Wait a minute... if they can send me my credentials in plaintext, that must mean they are storing my password in a database as plaintext. This is the really scary thing. You can find plenty of news stories where a company has a breach and the account credentials are find their way into the wrong hands. If they're smart, the company is storing the passwords securely as a hash, but as I found out, this might not be the case.

This is not a small website. You have definitely heard of it; they even advertise on TV. I am really scared that, in the year 2013, a company like this can be so irresponsible about data security.

Okay, so what's the takeaway here? You have some options about how to store user credentials on your website. I'm not an expert, but there's plenty of good material out there. This Stack Overflow question is a good place to start. Just don't store your password as plaintext. I'm not writing this to point fingers or to come down hard on a particular company or individual. I really just want people to write better and more secure applications.