[boot13]

I can confirm that they're still doing this. I recently had a conversation with their support staff about it and I don't think they'll be changing it any time soon. I like Dreamhost, but if they don't change this I'll probably bail.

[Dylan16807]

Can you explain why you would leave over that? As long as you are aware of it and use a unique password how does it impact you? They would have to have a very specific and unnoticed breach that gets database and key.

Is it worry that they are lax in security elsewhere?

[masterzora]

I'm not one such person (although I've never used DH's services for other reasons, even while I was employed by such), but I could imagine a reasonable person saying "if they take part in bad practice X of which I know, what other bad practices might they take part in of which I don't know?"