Smart Enough Not To Build This Website

@Xianhang Zhang you beat me to it. I couldn’t believe it when MySpace sent me my password when I went to recover it. I can’t believe anybody is stupid enough to do that.

Obviously we’re all a bunch of stooopid high-IQ’d geeks, and no one has got a clue of what Jeff is trying to point out.

So, Jeff, could you please enlighten your followers’ brains and tell us?

Thanks.
Rod.

I guess the one you were thinking of is that they would have to keep the raw password somewhere, instead of only keeping a hash.

The other problem is that anyone could cause someone’s password (or the means to reset the password) to be sent out in an unencrypted email, but an awful lot of websites do exactly that.

Roll on open-id.

I don’t know if this is related. But check out this article:
TypeKey stores your passwords in plaintext
http://www.diovo.com/?p=55

The mistake I see is that the password seems not to be hashed.
The password should be hashed using SHA or MD5 and salted.
Else once a hacker manages to dump the database he has everyone’s passwords.

It should be: “enter your email and you will be sent a new temporary password”.

I used to belong to MENSA. As far as I could see, they’re all idiots. The password snafu on the website is just another indication of that.

Any developer worth his salt wouldn’t make such a hash of authentication - DailyWTF comment

Maybe I’m missing the point, but does MENSA hold your credit card details on file? Risk management:

  • What personal information, valuable information, or otherwise does the MENSA site provide access to?
  • Was the password provided by the member?

If the answers were none and no, then resending the old password isn’t as big an issue as made out here.

And no, OpenID is not some silver bullet. It has a whole set of new problems that as of today are still unsolved (see various articles at links.org for more information).

Blindly following The Security Book often results in usability nightmares (logging onto $MostOnlineBankingSystems, anyone?) and may exacerbate real problems by diverting the already overloaded programmer’s attention.

Personally, even if the MENSA site has a forums facility, I wouldn’t be using it to pass confidential information to my extra-marital lover, nor really care if someone sends a few spoof posts from my account (a quick email to the admins would sort that out).

But since I’m not smart enough to be a member of MENSA either, I guess I don’t know. :slight_smile:

The problem is that they send out the old password rather than generating a new or providing a link to do so. If they can send out the original password, by inference they must be storing it without hashing it first.

On a lesser note:
They also claim to have mailed the login info on printed cards, and then admit that losing the cards is highly possible.

Thus, any one finding the cards would have access to the account.

Actually, they’re only storing a salted hash. But due to their vastly superior intellect they’re able to figure out the original password on the fly anyway.

So there.

Many sites send the password in unencrypted emails, even just to confirm that you have registered. It always makes me scream.
I don’t understand why people do that: they are supposed to be programmers, and know about this kind of problem. At school we all launched Wireshark and sent an email, didn’t we?

The plaintext passwords are bad enough, but I think the biggest WTF here is that they give you the “Sorry, we don’t recognize that email address.” error if you enter an address not in their database.

I hit it about 20 times and it doesn’t lock you out or add a delay. It would be trivial to write something to datamine valid addresses. Seems like a valuable mailing list to build!
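The two complaints in the posts above (the old password being mailed out, and the “we don’t recognize that email address” reply with no delay) are both addressed by the forgot-password flow below. This is an added example, not code from the site under discussion or from any commenter: it replies with the same text whether or not the address is known, applies a per-source rate limit (5 requests per hour is an assumed value), and mails a random one-time reset token instead of a password. The registered addresses and the outbox are constructed stand-ins for a real user table and mail server.

```python
import hashlib
import secrets
import time
from collections import defaultdict, deque

# The reply never depends on whether the address exists.
GENERIC_REPLY = "If that address is registered, a reset link has been emailed to it."
TOKEN_TTL_SECONDS = 15 * 60
MAX_REQUESTS_PER_WINDOW = 5     # assumed limit for this example
WINDOW_SECONDS = 60 * 60

# Constructed state: registered members, outstanding reset tokens, fake outbox.
REGISTERED = {"alice@example.test", "bob@example.test"}
RESET_TOKENS = {}                  # sha256(token) -> (email, expiry timestamp)
OUTBOX = []                        # (recipient, body) instead of real mail
_REQUEST_LOG = defaultdict(deque)  # source -> timestamps of recent requests


def _token_hash(token: str) -> str:
    # Only the hash is kept; a dumped table gives no usable reset links.
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


def _rate_limited(source: str, now: float) -> bool:
    """Sliding-window counter per requesting source (e.g. client IP)."""
    recent = _REQUEST_LOG[source]
    while recent and now - recent[0] > WINDOW_SECONDS:
        recent.popleft()
    if len(recent) >= MAX_REQUESTS_PER_WINDOW:
        return True
    recent.append(now)
    return False


def request_reset(email: str, source: str, now: float = None) -> str:
    """Handle a forgot-password request. Always returns GENERIC_REPLY."""
    now = time.time() if now is None else now
    if _rate_limited(source, now):
        return GENERIC_REPLY          # throttled: same text, no mail sent
    if email in REGISTERED:
        token = secrets.token_urlsafe(32)
        RESET_TOKENS[_token_hash(token)] = (email, now + TOKEN_TTL_SECONDS)
        OUTBOX.append((email, f"https://example.test/reset?token={token}"))
    return GENERIC_REPLY


def redeem_token(token: str, now: float = None):
    """Return the email for a valid, unexpired token (consuming it), else None."""
    now = time.time() if now is None else now
    entry = RESET_TOKENS.pop(_token_hash(token), None)  # one-time use
    if entry is None:
        return None
    email, expiry = entry
    return email if now <= expiry else None


if __name__ == "__main__":
    print(request_reset("alice@example.test", "198.51.100.7"))
    print(request_reset("nobody@example.test", "198.51.100.7"))
    print(OUTBOX)
```

Because the unknown-address path does the same work apart from sending mail, an observer only learns whether a reset link arrived in a mailbox they already control. Redeeming the token is where the user then sets a new password; the old one is never needed or revealed.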

Although I know that it’s one of the dumbest things to store passwords in plaintext.
But I actually worked on a project where a requirement was that the password should not be changed when forgotten. This was because our users weren’t tech savvy and had problems with everything that exceeded writing mails.
So we decided to store the passwords in plaintext but generate the passwords for the users. We didn’t include any possibility of changing the password. In that way we at least managed to prevent loss of valuable passwords.
Anyway, if I were to implement that particular project again, I’d surely stick with encrypted passwords, no matter what management thinks.

If the password issue is supposed to be The Real WTF™, of course there’s no need for a retrievable password to be stored in plaintext. Encryption is a wonderful 2-way system that doesn’t require the intermediate result to be readable.

Of course the method of decrypting the password also has to be stored somewhere but again, there’s no need for that to be nearby the database with the encrypted passwords.

Remember that security is all about layers; the existence of any particular layer doesn’t necessarily tie to any other layer. “We can get your password back” is not indicative of “we store plaintext passwords”.

Is it lacking a captcha like orange :slight_smile: ?

Why does Mensa even need to password protect their site? Couldn’t they just use a ridiculously hard IQ test to see if people were worthy of access?

Sending a password means they store it as has been mentioned already.

And yeah, not the first time you mention this :wink:

Shoo!

For those people who are oblivious to the fact that people re-use their passwords (and LeftHere, 23 posts above, indicates that MENSA passwords are user-changeable and, thus, re-usable), I recommend the following article:

http://technet.microsoft.com/en-us/magazine/cc626076(TechNet.10).aspx

The whole article is interesting, but the part about different passwords for every site is somewhere around the middle.

One quote that always sticks in my mind:

Mensa is full of people that like to THINK they’re clever, not those that actually are.