Someone earlier today posted a rant about a credit card security conference sending them account details with a plain text password in an email. The password appeared to be 1 use temporary password that the user would change on first login. Assuming one does not actually store plain text passwords, what is the downside to a single use password Vs a single use link to set a new password?

  • 1
    Depends ... if their emails are over secure imap or pop otherwise it shouldn’t matter unless you or them is hacked and people can remote to your screen
Add Comment