On Wed, Oct 12, 2011 at 06:58, Paul Nakada <paulnakada@xxxxxxxxx> wrote: > i can't believe you sent emails with passwords in cleartext. thank you so much. > > Paul Nakada Well to be fair, unless you use some encryption like gpg to send the pwd, there's not much one could do. But I'm not sure the overhead that implies is reasonable for a public bugzilla (there's not much money to gain, aside from some kind of spam maybe) Maybe the mail should mention to directly change that pwd (or provide a one-time pwd you need to change on first login), but then again it's plain http, so that doesn't help much. Frédéric
