> If someone were to hack into any mail account, all they need to do is search f... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		lyndonh on June 22, 2014 \| parent \| context \| favorite \| on: Passwords in plain text > If someone were to hack into any mail account, all they need to do is search for ‘password’ and they have all of the user’s passwords. Only if you're dumb enough to not delete any password emails. Granted, preferable any site sending you your password in an email should either send a reset link or "your password is 'red*'"

icebraining on June 22, 2014 [–]

Only if you're dumb enough to not delete any password emails.

You delete it from your MUA, but how can you be sure that it wasn't stored in any of the intermediate servers?

lyndonh on June 24, 2014 | [–]

The natural assumption is that the hacker has got your password, not hacked gmail or hotmail, etc.

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact