by city41 5752 days ago
Really awesome site, I hope it does well.

However, after signing up, your welcome email contained my password in plain text, which probably means you are storing it in plain text. Please consider doing a one-way hash on it for better security.


The password is probably encrypted, but reversibly so. That's still a potential security hole, but an attacker would need both the database (with its encrypted passwords) and the key.
Yes, that is correct. But we probably shouldn't email the password to the user. Just let them change it. Might consider a one-way hash instead of a two-way one though.
Minor nitpick: There's no such thing as a two-way hash.
And here is a tiny nitpick: I can log in with my email address even though the login form says "Username".
If both of them work that sounds like a great feature for most people.
But why require a username, then?
It does indeed seem a bit strange to require a username when an email address is enough. However, my point was that even though they use usernames, they still allow you to simply log in by using your e-mail address. That's a lot better than sites having a 'lost your username?' link IMHO.
We need the username in order to say who edited what.
How about using the email address instead (and offering a username as a display alias only, if people don't want to have their email address displayed)?
Meh -- who would want their email address displayed? That's not a safe default. You'd just be punishing the users who don't manage to find the setting.