by kadabra9 5105 days ago
this wasn’t a failure of, or a reflection of, the professionalism and integrity of our development or Tuts+ teams.

How is it not? There is NO excuse for storing passwords in plaintext, on any production site. From what I've read, they had this system in place for a while, and planned "to get around to" switching to a more secure password storage method eventually.

Sadly, it looks like a massive security breach was the catalyst they needed to realize that you can't put issues like user password security on the back burner.

Now, we get the same reactive "we're sorry, we should have known better" from the tuts+ leadership, and a promise that things will be better in the future. Why does it always take a humiliating security breach for companies like this to realize just how important user security, and by extension, your users' trust, really is?

1 comments
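The comment above contrasts plaintext storage with "a more secure password storage method" without spelling one out. As an added illustration (not code from the thread, Tuts+, or anyone quoted here), this script shows the defender's side: a one-shot migration of a plaintext user table to salted PBKDF2-HMAC-SHA256 records, constant-time verification, and transparent upgrading of stale records at login. The algorithm label, iteration count, record format and the sample user table are all assumptions made for this example.

```python
import hashlib
import hmac
import os

# Example parameters (assumptions for this illustration, not the site's config):
# PBKDF2-HMAC-SHA256 with a 16-byte random salt per user. The iteration count is a
# cost knob; raising it slows an offline guessing attack and is also what forces a
# re-hash of older records on next login.
ALGORITHM = "pbkdf2_sha256"
ITERATIONS = 600_000
SALT_BYTES = 16


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: algorithm$iterations$salt_hex$digest_hex."""
    salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{ALGORITHM}${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the digest from the parameters stored in the record; compare in constant time."""
    try:
        algorithm, iterations, salt_hex, digest_hex = record.split("$")
        salt, expected, rounds = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex), int(iterations)
    except ValueError:
        return False  # malformed record: never treat as a match
    if algorithm != ALGORITHM:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    return hmac.compare_digest(candidate, expected)


def needs_rehash(record: str) -> bool:
    """True when a stored record is malformed or uses a weaker parameter set than current policy."""
    parts = record.split("$")
    if len(parts) != 4 or parts[0] != ALGORITHM:
        return True
    try:
        return int(parts[1]) < ITERATIONS
    except ValueError:
        return True


def migrate_plaintext_table(users: dict) -> dict:
    """One-shot migration of a {username: plaintext_password} table to hashed records.

    After this runs the plaintext values should be purged; a breach of the result
    yields only per-user salted digests that must be brute-forced individually.
    """
    return {name: hash_password(pw) for name, pw in users.items()}


def login(users: dict, username: str, password: str) -> bool:
    """Check credentials against the hashed table; silently upgrade stale records."""
    record = users.get(username)
    if record is None:
        # Do the same amount of work for an unknown user so account existence is not
        # trivially distinguishable by response time.
        hash_password(password)
        return False
    if not verify_password(password, record):
        return False
    if needs_rehash(record):
        # The only moment we have the plaintext is a successful login: re-hash now.
        users[username] = hash_password(password)
    return True


# Constructed sample data for this example (not taken from the thread).
PLAINTEXT_USERS = {"alice": "correct horse battery staple", "bob": "hunter2"}

if __name__ == "__main__":
    hashed = migrate_plaintext_table(PLAINTEXT_USERS)
    for name, record in hashed.items():
        print(name, record[:48] + "...")
    print("alice correct password:", login(hashed, "alice", "correct horse battery staple"))
    print("bob wrong password:", login(hashed, "bob", "hunter3"))
```

The record is self-describing so the iteration count can be raised later without a second migration: `needs_rehash` notices the old parameters and `login` rewrites the record while the plaintext is still in hand.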

If the team came to him and said, "Mr CEO, we have this glaring security problem we want to fix", and then Mr CEO replied, "We have other, higher priority things to work on right now, so no, please do not fix that."

We already know they didn't write it, but we don't have enough other information to make any other judgements (and the blog post at least implies the above may have happened).