I need you help, US-users please, I got this free (remember: FREE) service running, where all you have to do to sign up is give us your email address plus and a password so you can sign in again later. No I have 500 active users and a lot of not so active ones. but in just a few days time I get an email with the same problem: I never had emails like that before. (working online for 10+ years) and it makes me wonder. has there been an Oprah show about this subject? or is just the whole of the USA gone paranoid ? so my question is: should I spend some time in encrypting passwords etc. or should I just ignore this message and tell this user to just use a non-standard password? FYI: none of my servers has ever been hacked/cracked as far as I can tell (and I can ; as I used to hack other servers in a previous life)
we are all just stupid----seriously---what is your target audience? thats probally the reason. I dont deal with people that ask questions like that== is the whole US paranoid? ha-thats the million dollar question. Good Luck with this---
Just get hash the passwords twice more ;-) I receive these emails all the time and answer is the same on all those questions: Your pass is quite save as long as You're not sniff by kids from Your local network area ;-) You can also add a short info about encrypted connections.