http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8753 --- Comment #66 from M. de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to Liz Rea from comment #63)
Comment 57, 2nd paragraph - when someone doing QA suggests mailing a cleartext password might be ok, it seems right to emphatically tell them "no, that's a bad idea."
Please keep it in context. Hope I do not intercept any undertone about QA work here? For completeness: I completely agree that sending password by mail is theoretically very bad. However, we probably do not have a 100% safe solution for this. So therefore in a pragmatic view the sensitivity argument etc. And to add: As long as many OPACs are going over HTTP, we send the password clear text all over the place.. But again, also comment 57 This approach is fine with me! -- You are receiving this mail because: You are watching all bug changes.