* Félix Piédallu <felix@piedallu.me> [2015-06-13 19:42:55 +0200]:
Hi there ! Just new here. And I've been informed that "Normally, Mailman will remind you of your archlinux.org mailing list passwords once every month". Does it mean the passwords are saved somewhere ?! That means that my password is sent periodically. That's not the only account for which I use this password. That is a HUGE security breach. Please, change that system.
Yes, Mailman stores password in plain-text in the current version. I think this was changed in Mailman 3, but that's rather new and radically different. But it's really something common. The sign up page even says this (in bold!): Do not use a valuable password as it will occasionally be emailed back to you in cleartext. As others pointed out already, using different passwords is a really good idea anyways. Many more pages store passwords in plaintext (they are just less honest about it) unfortunately. Florian -- http://www.the-compiler.org | me@the-compiler.org (Mail/XMPP) GPG: 916E B0C8 FD55 A072 | http://the-compiler.org/pubkey.asc I love long mails! | http://email.is-not-s.ms/