This post is imported from a previous version of my website. If you see something funny I missed and you think I might be able to fix it, please drop me a line.
Louisiana Tech just sent me a “reminder” email with my full username and password in there. That information is everything necessary to logon to the school student portal and get the rest of my personal information, full school transcript, etc.
Not only do I not like them emailing my password, I don’t like that they even know my password. They should be using hashes instead. They’re doing it incorrectly.
Here is the full email (user/pass redacted):
Subject: Reminder
TO: <[my.school.email]@LaTech.edu>
Date: Thu, 11 Feb 10 12:35:23 CST
From: <Registrar@LaTech.edu>
REMINDER:
Your BOSS PIN is: XXXXXX
Your CWID number is: 100XXXXXX
PROTECT THESE NUMBERS!
I sure wish they’d protect these numbers for me instead of emailing them to me every quarter.