On ven, 2002-03-29 at 16:48, Jimmy Wales wrote:
I suspect that even with is_developer, we should also
do something
about the password problem. I don't think there is any good reason to
store the passwords in plaintext.
Agreed.
The way this should work is this:
1. If you forget your password, you can just enter your email address on the site.
We should probably make sure that there's an e-mail address field on the
signup page; I suspect most people haven't put their address into the
receptacle in the prefs box. Hence accounts and e-mail address aren't
reliably linked.
-- brion vibber (brion @
pobox.com)