When I heard this story, I was preparing to go out of town. My laptop was making the trip of course, and this story made me feel a lot less secure about signing into the hotel’s network, even with my own computer. I read and re-read the terms and legalities before accepting them when I signed in (something I usually quickly run through). I didn’t dare sign into any bank accounts. While I know that the internet mimics the world we live in, it takes on a whole new meaning when you become a little too relaxed and make careless mistakes that could cost you everything!! We should never stop asking “what if” and take the same precautions with the computer that we take in other areas of our lives to keep ourselves safe.

Furthermore, unless the website is using SSL, your password is being sent in plain text anyway, and can be easily sniffed on the local network, and even on the open internet.

I have designed login portals where users’ passwords were stored or sent to me in plain text for debugging purposes, but that code was removed (not just commented out) on production systems.

This ultimately comes down to trusting other Humans.

The internet is an inherently insecure place, just as the world is inherantly dirty and diseased. However, this doesn’t prevent you from going out in public, using the restroom, and eating in public restaurants. We just trust in a general societal set of best practices. We wash our hands, we clean our bathrooms and kitchens. We trust that other people will be good enough to protect us.

Having a website which stores bad passwords is the equivalent of having someone who purposefully sneezes on your burger, then laughs as he watches you eat it.