Mark Simpson´s profile

Reviews (1)

Myprotein.com

Poor website security practices, good products

I ordered several products (whey, instant oats, creatine, a shaker and a few scoops) and everything was delivered correctly and to schedule. The reason I am giving Myprotein.com 2 stars is that their website password policy is very poor.

I forgot my password and, when I asked for a reminder, the password was emailed to me in plain text. When it comes to user security, this is one of the biggest mistakes you can make. At the very least, passwords should be hashed and salted. A hash is a one way function (it transforms your password into something else) -- if a website can email your password to you, they're doing it wrong. They shouldn't have that information on file.

http://www.troyhunt.com/2012/07/lessons-in-website-security-anti.html

Mark Simpson´s profile

profile image of Mark Simpson
Mark Simpson
Reviewer
Male
United Kingdom

About