Since you asked, I had a few specific criticisms also.

I was part of a pilot at my workplace.

One major criticism I had is that it sent me my password
*in the clear* as part of a routine reminder.
I replied that this is extremely bad practice.

In fact it should not even store my password, using
a Unix-like approach of hash + salt.

Here is a sanitized version of my message sent
to '[EMAIL PROTECTED]'
last March.

P.S.  We did decide to sign up for the Safari service.


> -----Original Message-----
> From: Tolkin, Steve 
> Sent: Thursday, March 27, 2003 1:34 PM
> To: '[EMAIL PROTECTED]'
...
> Subject: Never sent user password in email -- this is a 
> serious breach of security
> 
> 
> Dear Safari,
>       Your email to me included my password.
> This is a serious breach of security.
> 
> Please tell me that you will fix this.
> 
> I never do business with any organization that 
> sends out a password in email
> (unless explicitly requested by the user). 
> 
> Thanks,
> 
> Steve
> 
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]
> Sent: Thursday, March 27, 2003 5:28 AM
> To: [EMAIL PROTECTED]
> Subject: Time Flies
> 
> 
> Steve,
> 
> How time flies! This note is just a friendly reminder that 
> you are half way through your free trial to Safari Tech Books Online.
> 
> Log in today and let Safari pinpoint information for your 
> urgent IT questions. Safari's powerful search engine is far 
> more efficient than wading through piles of books and 
> articles and more effective than message boards or tracking 
> down colleagues for answers.
> 
> As a reminder, your login URL is http://search.safaribooksonline.com/
> User Name: steve dot. tolkin at@ fmr dot. com
> Password: SHOULD NEVER SEND PASSWORD UNLESS REQUESTED!
> 
> Need help getting started?  Join us for a quick LIVE tutorial.
> -- Every Tuesday
> -- 4:15 - 4:45 pm EST
... [rest of marketing blather snipped]

Hopefully helpfully yours,
Steve
-- 
Steve Tolkin    Steve . Tolkin at FMR dot COM   617-563-0516 
Fidelity Investments   82 Devonshire St. V4D     Boston MA 02109
There is nothing so practical as a good theory.  Comments are by me, 
not Fidelity Investments, its subsidiaries or affiliates.



> -----Original Message-----
> From: Andy Oram [mailto:[EMAIL PROTECTED] 
> Sent: Monday, January 05, 2004 11:44 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [Boston.pm] OT:Safari Bookshelf
> 
> 
> I guess I should stop lurking and say thanks for all the kind 
> comments.
> Anything special that any of you would like me to pass on to people I
> know on the Safari team? I haven't noticed any specific 
> criticism. Also,
> if you feel happy enough that you'd like to give a testimonial that we
> could use in marketing, let me know and I'll find a marketing 
> person to
> slurp it up.
> 
> ----------------------------------------------------------------------
> Andy Oram  O'Reilly & Associates, Inc.        email: [EMAIL PROTECTED]
> Editor     90 Sherman Street                       voice: 617-499-7479
>            Cambridge, MA 02140-3233                  fax: 617-661-1116
>            USA                         http://www.praxagora.com/andyo/
> Stories at Web site:
> The Bug in the Seven Modules     Code the Obscure     The Disconnected
> ----------------------------------------------------------------------
> 
> _______________________________________________
> Boston-pm mailing list
> [EMAIL PROTECTED]
> http://mail.pm.org/mailman/listinfo/boston-pm
> 
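
The hash + salt storage that the message above asks for, shown as an added example (not part of the original thread and not Safari's code). It uses PBKDF2-HMAC-SHA256 as a present-day stand-in for the Unix crypt scheme. The account fields, iteration count and sample values are assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # PBKDF2 work factor; assumed value for this example


def make_record(password: str) -> dict:
    """Return what the service stores: salt + derived hash, never the password."""
    salt = secrets.token_bytes(16)  # fresh random salt per account
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt.hex(), "iterations": ITERATIONS, "hash": digest.hex()}


def verify(record: dict, attempt: str) -> bool:
    """Re-derive the hash from a login attempt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac(
        "sha256", attempt.encode(),
        bytes.fromhex(record["salt"]), record["iterations"],
    )
    return hmac.compare_digest(digest, bytes.fromhex(record["hash"]))


def reminder_email(user: dict) -> str:
    """Build a reminder from stored fields only; no password exists to include."""
    return (
        f"{user['first_name']},\n\n"
        f"As a reminder, your login URL is {user['login_url']}\n"
        f"User Name: {user['username']}\n"
        "Forgot your password? Request a reset from the login page.\n"
    )


# Constructed sample account (hypothetical names and values, not real data).
SAMPLE_PASSWORD = "correct horse battery staple"
SAMPLE_USER = {
    "first_name": "Pat",
    "username": "pat@example.com",
    "login_url": "https://login.example.com/",
    "credential": make_record(SAMPLE_PASSWORD),
}

if __name__ == "__main__":
    print(SAMPLE_USER["credential"])  # salt, iterations, hash: all the server keeps
    print(verify(SAMPLE_USER["credential"], SAMPLE_PASSWORD))
    print(reminder_email(SAMPLE_USER))
```

Because the per-account salt is random, two users with the same password get different stored hashes, and nothing in the account record can be mailed back as the password.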