Nick Sabalausky wrote:
Anyone know of a reliable, reasonably-priced web host that...and here's the
key part...actually understands even the most basic security concepts?
It seems like every place out there has an IT/support department that is
absolutely convinced of one or more of the following:
1. Unencrypted emails are secure.
2. PGP *signing* an email encrypts the entire message.
3. It is somehow possible to email users their passwords without the
password ever being stored in either plaintext or in a reversible form (not
counting, of course, the process that actually sets the password in the
first place).
Never ever *ever* EVER *EVER* email a password in clear. I'd say, if
anyone thinks she wants to do that, she doesn't deserve a server that
understands basic security concepts, even if one existed.
Andrei
