Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

"There is NO SECURITY DOWNSIDE to emailing a user's password to them vs. having some multi-step reset procedure."

That may be true from a site admin's POV, but consider that many people use the same password for everything. Plain text passwords flying through the pipes and then laying about on mail servers is a security risk for the naive user.



Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: