27 May
2015
27 May
'15
6:22 p.m.
The OP was correct, if they can send you your cleartext password then their security practices are inadequate, period.
Unless I misunderstand what you're saying (I sort of hope I do) this is Security 101.
As I've said a couple of times already, but perhaps without the capital letters, from a security point of view, generating a NEW PASSWORD and sending it in cleartext is no worse than sending you a one time reset link. Either way, if a bad guy can intercept your mail, you lose. A few moments' thought will confirm this has nothing to do with the way passwords are stored within the mail system's database. R's, John