[Bug 266821] Re: privacy hole in password reminder

Barry Warsaw 266821 at bugs.launchpad.net
Mon Oct 1 16:20:25 CEST 2012

On Oct 01, 2012, at 06:51 AM, trampster wrote:

>You should not be able to send me my password in plaintext. Because
>passwords should be stored using an non reversible salted hash.

There are many documented ways to disable password reminders on a per-user,
per-list, or per-site basis.  Please read the FAQ.

Mailman 3 removes password reminders and hashes passwords with a configurable
hash algorithm (by default salted sha512).

You received this bug notification because you are a member of Mailman
Coders, which is subscribed to GNU Mailman.

  privacy hole in password reminder

To manage notifications about this bug go to:

More information about the Mailman-coders mailing list