The Lounge is rated Safe For Work. If you're about to post something inappropriate for a shared office environment, then don't post it. No ads, no abuse, and no programming questions. Trolling, (political, climate, religious or whatever) will result in your account being removed.
I wonder why they tell your your password instead of letting you pick it,
Well, perhaps they *did* let you pick it *and* then emailed you what you chose. Other than that scenario, I agree there isn't much harm in sending an auto-generated password out - as you should be changing those default ones immediately anyway.
What year is this, when people still accept unencrypted email?
It must be 25 years ago when I asked a certificate provider for a free X.509 email certificate. I received it as a small file I could doubleclick, and that was it: Encrypted email installed.
But I had only a small handful of friends who cared to do the same. Almost all of my contacts said: Encrypted email - what's that? I don't think I know how to do it.
Today it isn't much different. Except for one thing: A great share of users do not download their encrypted email to their PC, where it can be decrypted at the destination. Rather, their mail is kept at some remote web server, accessed through a web interface that accepts plaintext only; the browser is not capable of accessing my certificate for doing the decrypting.
I did keep my email certificate for a number of years. Then I switched to another ISP and mail service, which gave me a mail address with a domain part that differed from the mail server's domain. That lead to my mail client asking me every time I applied that certificate to confirm that the messages from that "strange" mail server was trustworthy. I asked the ISP for help with this; they ignored the request: Email is not one of our primary services. I could have gone to another email provider, a new email address again ... By that time, practically all my friends had abandoned encryption. It really wasn't worth the effort, with me as the only one caring for end-to-end mail encryption.
Why haven't we moved in the opposite direction? End-to-end email encryption was super-simple to set up. There were several providers of free certificates (as long as all it confirms is the validity of the email address, it doesn't require costly checks but can be automated). But appearently, nobody cares. Is it that satisfying to be able to complain about others sending us passords in plaintext email, when we could have offered the sender a safe way to send it, but we didn't care to?
I'd love to watch these people read through any SPI documentation, their heads just might explode.
"the debugger doesn't tell me anything because this code compiles just fine" - random QA comment
"Facebook is where you tell lies to your friends. Twitter is where you tell the truth to strangers." - chriselst
"I don't drink any more... then again, I don't drink any less." - Mike Mullikins uncle
Last Visit: 16-Jul-20 5:15 Last Update: 16-Jul-20 5:15