These passwords should not be recoverable; because they should be only stored as a one-way salted hash with n rounds.
Passlib has a number of password hashing functions:
Is this fixed in Mailman3?
as the seclist for mailman.
Mailman 2 src:
Mailman 3 src:
On Saturday, September 23, 2017, Steve Barnes <
gadgetsteve@live.co.uk> wrote:
I personally was very disappointed on signing up to the both this
mailing list & security-announce to receive back an email containing my
password in plain text with the promise of the same thing once a month
unless I changed settings on the mail man site..
I would have thought that a security related list could provide better
default practices than that!
Is anybody else concerned about the idea?
Steve Barnes.
---
This email has been checked for viruses by AVG.
http://www.avg.com