While sending your password in plaintext over email is very much a bad idea and a very bad practice, it doesn’t mean they store your password in their database as plaintext.
You’re correct and after reading more of the thread I saw OP say this was sent immediately after registering. I don’t have reason to believe it is stirred in plaintext unless they’re storing s copy of every email they send.
It’s possible that this email is a result of forum user creation, so during that submission the plaintext password was available to send to the user. Then it would be hashed and stored.
While sending your password in plaintext over email is very much a bad idea and a very bad practice, it doesn’t mean they store your password in their database as plaintext.
Encrypted passwords are still an unacceptable way to store passwords. They should be hashed.
(and salted before hashing.)
And marinated in butter milk.
Peppered if you’re feeling extra
Just because they send out the password does not mean it’s not hashed. They could send the email before hashing.
You’re correct and after reading more of the thread I saw OP say this was sent immediately after registering. I don’t have reason to believe it is stirred in plaintext unless they’re storing s copy of every email they send.
deleted by creator
Would you accept “in a way that can be reversed”?
It’s possible that this email is a result of forum user creation, so during that submission the plaintext password was available to send to the user. Then it would be hashed and stored.
Passwords shouldn’t be stored at all though 🤷♂️