Skip to:

Re: Registration notification email not sent & captchas — BP 1.2 beta / WP 2.9.1



1) By default, an email isn’t sent to the user because the user password is sent via plain text (not a good thing security-wise).

That makes absolutely no sense. If you use the forgot password feature, the password is sent via plain text as well. Why is that OK and sending a password upon registration not?

Most big sites, Facebook, LinkedIn, newspapers, have no problem sending passwords via plain text. Online security is always a balance between security and convenience.

Buddypress is a social network. It’s not a banking website. If you start using credit card payments or paid membership, those scripts usually come with the own security.

Who is going to steal a password to someone’s account on a blog network? Has that ever happened? What would they do with it?

Just my 2 cents. Flame away…

Skip to toolbar