One of my pet peeves when it comes to web applications is unencrypted passwords.
The biggest factor for distrust is when an app sends me my password via email. No, not a reset link or a temporary password, my actual password.
Even I know that encrypting the passwords of users who sign up for your service is a must-do, and seriously, it’s not hard to implement. Coming from someone who’s not a great coder, that’s saying something.
What’s even more annoying is when the app is so powerful in every other way. Because it means that the developers are not incompetent, they’re just lazy.
Why should users trust companies that can’t even get something so basic right? After all the hacks and leaked passwords, wouldn’t apps with a huge database of users want to be more responsible?
I am always extra disappointed when an app that I am especially excited to use doesn’t encrypt their password.
I’ll admit that I am often lazy and I don’t always know the best way to do things, but as users, I think we have to take responsibility for our own online safety as well.
Don’t use the same password on different services. Use strong passwords (if possible, use a password manager that can generate them for you). Turn on 2FA.
I often test the “Forgot password” function as well.
Do you have any other tips on how users can increase their online security? Please share in the comments or by dropping me a line.