|
There's two options here.
1) They got hacked and they were using plaintext passwords, and don't want to look stupid so they aren't admitting to it. The fact they recommend 'not using any passwords used before with them' supports this.
2) They really did change "login engines" (whatever that is supposed to mean...they are just authenticating off a database anyways), changed the passwords to use a different cipher and couldn't port over the current logins because they were already hashed and didn't know the existing one.
It does seem pretty fucking stupid to send over new passwords in plaintext via email. What's even stupider is their 'automatic authentication'. Ever notice how no online bank has this? How paypal does not have this? There's a reason... There should be no automatic login, and they shouldn't even have you entering the entire password to begin with - only a few random letters from it to prevent keyloggers/etc from getting access.
|