Bluehost stores your password in plain text
This is a public service announcement to users of bluehost.com hosting. They store your account password in plain text. During my long drawn out battle where they refused to own up to database problems, one of the support calls resulted in the support woman asking me for my password. When I refused to give it to her (as you always should!..they should not need it), she just read it out loud to me. So apparently, they are not just terrible at customer service, but also appear to have a very poor understanding of basic password security. You should never store plain text passwords.
I forgot to post on this when it happened, but someone just posted on my blog with another bluehost complaint, which reminded me of this. Their CEO, Matt Heaton does not respond to emails or comments on his blog, so I don’t know of any other way of getting in touch with someone over there who might both have a clue, and care enough about their customers to do something about it.
1 Comment