I've just gone through the registration/confirmation process for this forum and I was somewhat surprised to receive my login password published in clear in the confirmation e-mail. While I'm now using a password manager so this password will only ever be used here, I'd have thought it good practice not to publish passwords in clear anywhere. How does the forum store these passwords anyway? Are they encrypted or stored in clear? While it's just a discussion forum, does anyone really want their login information compromised so a malicious actor can log in and post unwanted content in their name?
