[deanpcmad]

Just because it was sent by email, doesn't mean they aren't encrypting passwords. When the password is sent to their servers it's unencrypted anyway so can be read and sent in an email. I do disagree with passwords being sent by email though

[strangestchild]

I think the point is that storing even encrypted passwords is not as safe as storing (salted) hashes, because if the database was compromised, the encryption key would likely be compromised as well. It's safer if even the site themselves do not know your password.

Technically, you are right to say that there's no evidence passwords are being stored in plaintext, but encrypted stores really aren't any better.

[nobodyshere]

Now try thinking about what you've just said, please.

[martinced]

Nobody accused them of "not encrypting" [sic] passwords. People accused them of storing passwords in clear text.

These are two entirely different things.

Why? Because passwords should NEVER be encrypted. Passwords are meant to be hashed (with a salt) and the hash (+salt) is what should be stored on their servers.

You really should know better...