Feedback, Complaints or Problems

Please encrypt our login passwords
    enigmatics posted on May 24, 2017 10:37:43 PM
    I recently forgot my password for CH, so I used my email to retrieve it.
    But I also noticed CH told me the ORIGINAL PASSWORD that I forgot, which means the password is not encrypted (or is symmetrically encrypted) in the website database.

    Although CH uses HTTPS to secure the connection, storing passwords in plain text is generally considered a serious threat to user security, as nobody - including the users themselves and administrators - should be able to look them up.

    Unencrypted or symmetrically encrypted passwords are not the way to run a modern website. It imposes an unnecessary threat to a user, as people tend to share their password between different websites.

    Please implement encryption on the password column of the user table in your database. Password retrieval could be, perhaps should be, replaced by 'password reset' functionality. I love CH and I want it secure. Nobody would like to see mistakes like the one Adobe made before repeated.
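    The storage scheme the post asks for, as an added example (not code from Cheat Happens or from the poster): a salted one-way hash for the password column, constant-time verification, and a hashed, short-lived, single-use reset token in place of password retrieval. The in-memory USERS table and the column names are assumptions for illustration.

```python
import hashlib
import hmac
import os
import secrets
from typing import Optional

# Constructed in-memory stand-in for the user table (alias, email, password):
# an assumption for illustration, not the site's actual schema.
USERS = {}

def hash_password(password: str, salt: Optional[bytes] = None, iterations: int = 600_000) -> str:
    """One-way, salted PBKDF2-HMAC-SHA256. Only this string is stored, so the
    original password cannot be read back from the database."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"

def verify_password(password: str, stored: str) -> bool:
    algo, iterations, salt_hex, digest_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))  # constant-time compare

def register(alias: str, email: str, password: str) -> None:
    USERS[alias] = {"email": email, "pw": hash_password(password), "reset": None}

def login(alias: str, password: str) -> bool:
    rec = USERS.get(alias)
    return rec is not None and verify_password(password, rec["pw"])

def start_reset(alias: str, now: float, ttl_seconds: int = 900) -> str:
    """Reset replaces retrieval: issue a random, short-lived, single-use token.
    Only its hash is stored, so reading the table does not yield a usable link."""
    token = secrets.token_urlsafe(32)
    USERS[alias]["reset"] = (hashlib.sha256(token.encode()).hexdigest(), now + ttl_seconds)
    return token  # deliver to the registered email address; never persist it

def finish_reset(alias: str, token: str, new_password: str, now: float) -> bool:
    rec = USERS.get(alias)
    if rec is None or rec["reset"] is None:
        return False
    token_hash, expires = rec["reset"]
    rec["reset"] = None  # single use: consumed whether or not it succeeds
    presented = hashlib.sha256(token.encode()).hexdigest()
    if now > expires or not hmac.compare_digest(token_hash, presented):
        return False
    rec["pw"] = hash_password(new_password)
    return True
```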
    PWizard posted on May 25, 2017 6:49:22 AM
    This will be done eventually. Right now we utilize this information to help users that have lost their email, alias and other information that would basically cause them to have to re-purchase a membership. This is not a banking or other highly secure website. We do not store real names, any financial data, birthdates, etc. Only alias, email and password. We have 3 very restrictive firewalls, one being hardware and two being software, to protect our web application. The entire site utilizes SSL as well as HSTS. The storing of passwords in plain text poses no threat to your online security if you utilize separate passwords for each website or application like you should be doing. There have been BILLIONS of user accounts compromised from huge organizations like Yahoo, Target, eBay, Home Depot, PSN, etc. (link). Except in these cases, criminals didn't get away with passwords, they got real names, birthdates, social security numbers, credit card numbers and a ton of other information that could be used to steal a person's entire identity. I remember one hack of like 500 MILLION accounts that kept everything in clear text, but at least the password was encrypted! Personally I would rather have my password leaked than ALL of my personal details like birthdate and social security number. I can change my password, I can't change that other stuff. If you are uncomfortable with our current security practices, I will be happy to delete your account along with all traces of it.
    Chris O'Rorke (chris@cheathappens.com)
    Owner: Cheat Happens.com
    Dingo WebWorks, LLC