So your password has actually changed, and you should recover it, and change it to something you want.
But it's still being stored as clear text, so we should not expect the new password to be safe.
Words can't express the extent of my disappointment about what I thought was one of the more competently-programmed sites. I could see doing this in the beginning, but you had over 11 years to fix this instead of making numerous cosmetic changes.
So your password has actually changed, and you should recover it, and change it to something you want.
But it's still being stored as clear text, so we should not expect the new password to be safe.
Words can't express the extent of my disappointment about what I thought was one of the more competently-programmed sites. I could see doing this in the beginning, but you had over 11 years to fix this instead of making numerous cosmetic changes.
This. Until Justin/the site confirms that passwords are now being stored properly (not just hashed, but also per-user salted) I would recommend using a completely different, even weaker, password than used anywhere else.
The fact that I even have to point out security policies to a site like this makes me think seriously about how often this occurs.
·
·