Closed Bug 1032810 Opened 11 years ago Closed 11 years ago

Stop sending monthly emails with passwords in clear text for lists.mozilla.org, encrypt passwords on servers

Categories

(Infrastructure & Operations :: Infrastructure: Mail, task)

x86
macOS
task
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: spohl, Unassigned)

Details

Currently, monthly emails with clear text passwords are being sent out to all subscribers of lists.mozilla.org mailing lists. This also means that passwords are stored in clear text on our servers. People tend to reuse passwords for various sites and although mailing lists aren't particularly interesting targets for attackers, other sites where the same password was used may be. If the reason for these emails is so people don't forget their passwords, it may be better to add a password reset function to our mailing list manager (if not already available).

We should:
1. Stop sending out emails with clear text passwords.
2. Encrypt the passwords on our servers.

Alternatively, we should make it very clear at the time of subscription that we will not be handling passwords securely. This allows users to choose one-off passwords rather than the ones they're already using for email, online banking etc.
This is the wrong component, BUT I do have some thoughts on this. We should definitely be warning people. I think we do that in some form already, but I could be completely mistaken. Encrypting the passwords doesn't feel important. As long as we warn people, I don't see a big issue there. That said, if you want secure passwords, there's always discourse :)
Assignee: nobody → infra
Component: Server Operations: Community IT → Infrastructure: Mail
Product: mozilla.org → Infrastructure & Operations
QA Contact: limed
(In reply to Stephen Pohl [:spohl] from comment #0)
> We should:
> 1. Stop sending out emails with clear text passwords.

Disabled the password reminder, although list owners can actually disable password reminders on the list.

> 2. Encrypt the passwords on our servers.

Mailman was designed this way, so it's actually a known thing that people should be using a throw-away password. But since I disabled the cron this point really is moot.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
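An audit helper for the mitigation described in comment 2, added here as an example (it is not code from the bug or from Mailman). It assumes the Mailman 2.1 conventions that `bin/config_list -o - <list>` prints per-list settings as Python assignments, including `send_reminders = 0|1`, and that the monthly reminder is driven by the `cron/mailpasswds` job in the mailman user's crontab; the sample dumps and crontab below are constructed.

```python
# Added example, not from the bug or from Mailman. Assumes config_list -o output
# contains "send_reminders = <0|1>" and that cron/mailpasswds is the reminder job.
import re

SEND_REMINDERS_RE = re.compile(r"^\s*send_reminders\s*=\s*(\d+)", re.MULTILINE)


def lists_with_reminders(dumps):
    """Given {listname: config_list output}, return the lists that still have
    send_reminders enabled, or that do not state the setting at all."""
    enabled = []
    for name, text in dumps.items():
        m = SEND_REMINDERS_RE.search(text)
        if m is None or m.group(1) != "0":
            enabled.append(name)
    return sorted(enabled)


def active_mailpasswds_lines(crontab_text):
    """Return the crontab lines that would still run cron/mailpasswds.
    Blank and commented-out lines are ignored."""
    hits = []
    for line in crontab_text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        if "mailpasswds" in stripped:
            hits.append(stripped)
    return hits


def audit(dumps, crontab_text):
    """Combine both checks: the cron job is the site-wide switch, and per-list
    send_reminders only matters while that job still runs."""
    cron = active_mailpasswds_lines(crontab_text)
    lists = lists_with_reminders(dumps)
    return {"cron_active": bool(cron), "lists_with_reminders": lists,
            "reminders_will_be_sent": bool(cron) and bool(lists)}


# Constructed sample data standing in for real command output.
SAMPLE_DUMPS = {
    "dev-platform": "real_name = 'dev-platform'\nsend_reminders = 1\n",
    "announce": "real_name = 'announce'\nsend_reminders = 0\n",
}
SAMPLE_CRONTAB = """# 5 AM on the first of each month, mail out password reminders.
#0 5 1 * * /usr/bin/python -S /usr/lib/mailman/cron/mailpasswds
0 0 * * * /usr/bin/python -S /usr/lib/mailman/cron/checkdbs
"""

if __name__ == "__main__":
    print(audit(SAMPLE_DUMPS, SAMPLE_CRONTAB))
```

With the cron line commented out, the audit reports that no reminders will go out even though dev-platform still has the per-list setting enabled.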
(In reply to Ed Lim [:limed] from comment #2)
> (In reply to Stephen Pohl [:spohl] from comment #0)
> > We should:
> > 1. Stop sending out emails with clear text passwords.
> Disabled the password reminder, although list owners can actually disable
> password reminders on the list

Cool, thanks!

> > 2. Encrypt the passwords on our servers.
> Mailman was designed this way so that its actually a know thing that people
> should be using a throw away password. But since I disabled the cron this
> point really is moot

A compromise of the password db on the server is still possible. But I just confirmed that lists.mozilla.org has the following verbiage:

"Do not use a valuable password as it will occasionally be emailed back to you in cleartext."

I think that's pretty clear. I may either have skipped over this text (since it's included in a fairly long paragraph on top of the password field), or I may have forgotten about it. The actual email with my password in clear text was what intrigued me. Either way, thanks for looking into this. :-)