I'm a member of the American Library Association. In the past two months, I've received two email reminders to renew my membership. Within the body of the email, ALA included my login and password. It was not a secure email.
I have never experienced an organization or business sending me unsolicited login and passwords before this encounter.
Usually, when a user forgets his or her login or passwords, he will be directed to a secure website where he can answer a secret question and then have an email sent to him. When he opens his email, he will find a link to a secure website that has contains his login and password.
Why can't ALA institute similar procedures. The ALA prides itself on defending Americans' right to privacy, so why does it flaunt it's members' privacy?
No comments:
Post a Comment