Hi all,
I surely wish ECF can somehow pass the word to ecig vendors that it's NOT ok to send user name and passwords in email communications when one registers with a vendor.
Recently, I purchased from two separate, well known, vendors and had to register to finish the transactions. A short time later, I received emails from the vendors that my registration had been completed. Not only did the email include my name, address, and phone number, but it also included my user name and password to the vendor website.
I'm appalled! This kind of stuff leaves me absolutely speechless!
In this day and age of internet security issues... especially with email... why on earth don't these vendors know any better???
I won't name the vendors, but I'm sure that there must be a lot of people who have seen this, especially if they used these same two vendors I did. Sadly, there are probably more vendors out there that do the same thing!!!
How can we help vendors understand NOT to do this? How can we make them aware?
I've since changed my passwords on both sites and I surely hope that action doesn't generate another email disclosing the same information! I also sent the websites an email regarding this obvious security issue.
Seriously... this just blows my mind!
I surely wish ECF can somehow pass the word to ecig vendors that it's NOT ok to send user name and passwords in email communications when one registers with a vendor.
Recently, I purchased from two separate, well known, vendors and had to register to finish the transactions. A short time later, I received emails from the vendors that my registration had been completed. Not only did the email include my name, address, and phone number, but it also included my user name and password to the vendor website.

I'm appalled! This kind of stuff leaves me absolutely speechless!
In this day and age of internet security issues... especially with email... why on earth don't these vendors know any better???
I won't name the vendors, but I'm sure that there must be a lot of people who have seen this, especially if they used these same two vendors I did. Sadly, there are probably more vendors out there that do the same thing!!!
How can we help vendors understand NOT to do this? How can we make them aware?
I've since changed my passwords on both sites and I surely hope that action doesn't generate another email disclosing the same information! I also sent the websites an email regarding this obvious security issue.
Seriously... this just blows my mind!