Security: Emailing passwords???

  • 1
  • Problem
  • Updated 3 years ago
I just changed my password for the first time and you sent me my new password via email. This is unbelievably insecure!!!

It means that if an email provider (e.g. yahoo) or a companies email server is hacked then the hackers will be able to read the "password change" emails and log into . This is a ticking timebomb for you.

If you don't know how to do login security then outsource it to a company like auth0 or stormpath.
Photo of Andrew Reidy

Andrew Reidy

  • 70 Points
  • flabbergasted

Posted 3 years ago

  • 1
Photo of Allan Hamblin

Allan Hamblin

  • 290 Points 250 badge 2x thumb
For the same reason I don't like any cloud use, or online accounting. I would think a clever hacker could hack Reckon just as easily as Yahoo. I stick to desktop versions.
Photo of Rav

Rav, Community Manager

  • 91,926 Points 50k badge 2x thumb
Hi Andrew,

I can definitely appreciate the concerns you've raised. The good news is we've got some major changes to the way we handle the password reset process coming very soon. It's a complete redesign of the process and will eliminate any potential for undue risk.