1) I simply don't believe your claim that the number of stolen emails is so high that sending password retrieval links via email is unfeasible. This isn't a new problem that is just faced by hover.com, and most solve it without resorting to plain text passwords.
2) You aren't taking a wide enough view here. By storing and sending plaintext passwords you are doing more than making someone's hover.com account insecure. You are creating a weak link that may reveal a user's password that is used in any number of places. If I were to use hover.com, and someone got access to your DB, they would get my 2nd tier PW and instantly have access to my Facebook account and a number of other things that could cause havoc in my life. This seems obvious, but there is little to no acknowledgement of this fact in the post above.
3) Trust has been lost, as account security is clearly not a priority among your engineers. You may change things, but those changes will be made by someone who thought storing plain text passwords and sending those passwords in email is OK. Even after passwords are no longer sent around via email, who knows what kinds of other security flaws will remain that aren't clearly explained on the corporate blog?
With all this being said, it's great that you came here to acknowledge fault. Best of luck to you, but I have to say that I won't ever be a customer.
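The reset-link flow that point 1 refers to, as an added example that is not code from the original thread or from hover.com: passwords are stored only as salted, slow hashes, and a password reset mails a random single-use, time-limited token whose hash (not the token itself) is stored server-side, so neither a database leak nor a stolen mailbox yields a reusable credential for long. The in-memory `USERS` and `RESET_TOKENS` dictionaries, the 15-minute lifetime and the `example.invalid` link are assumptions chosen for the example.

```python
import hashlib
import hmac
import os
import secrets
import time
from typing import Optional

# Constructed in-memory stores standing in for the user and token tables
# (assumed names; not any real provider's schema).
USERS = {}          # username -> {"salt": bytes, "hash": bytes}
RESET_TOKENS = {}   # token_id -> {"user": str, "token_hash": bytes, "expires": float}

TOKEN_TTL_SECONDS = 15 * 60   # assumed policy: reset links expire after 15 minutes
PBKDF2_ITERATIONS = 600_000   # slow on purpose so a leaked table is expensive to crack


def _kdf(password: str, salt: bytes) -> bytes:
    # Salted, iterated key derivation: the stored value cannot be turned back
    # into the password, which is the whole point versus plaintext storage.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


def register(username: str, password: str) -> None:
    salt = os.urandom(16)
    USERS[username] = {"salt": salt, "hash": _kdf(password, salt)}


def verify_password(username: str, password: str) -> bool:
    rec = USERS.get(username)
    if rec is None:
        # Run the KDF anyway so response time does not reveal whether the account exists.
        _kdf(password, b"\x00" * 16)
        return False
    return hmac.compare_digest(rec["hash"], _kdf(password, rec["salt"]))


def issue_reset_token(username: str, now: Optional[float] = None) -> Optional[str]:
    """Create a single-use reset token for the e-mail link.

    Only a hash of the secret part is stored, so someone who copies the
    token table still cannot build a working reset link."""
    if username not in USERS:
        return None  # the caller still replies "check your inbox" to avoid user enumeration
    now = time.time() if now is None else now
    token_id = secrets.token_urlsafe(8)
    secret = secrets.token_urlsafe(32)
    RESET_TOKENS[token_id] = {
        "user": username,
        "token_hash": hashlib.sha256(secret.encode()).digest(),
        "expires": now + TOKEN_TTL_SECONDS,
    }
    return f"{token_id}.{secret}"


def reset_link(token: str) -> str:
    # Placeholder host; the mail body carries only this link, never a password.
    return f"https://example.invalid/reset?token={token}"


def redeem_reset_token(token: str, new_password: str, now: Optional[float] = None) -> bool:
    """Consume a token: must parse, exist, be unexpired and match its stored hash."""
    now = time.time() if now is None else now
    try:
        token_id, secret = token.split(".", 1)
    except ValueError:
        return False
    rec = RESET_TOKENS.get(token_id)
    if rec is None:
        return False
    if now > rec["expires"]:
        del RESET_TOKENS[token_id]
        return False
    presented = hashlib.sha256(secret.encode()).digest()
    if not hmac.compare_digest(rec["token_hash"], presented):
        return False
    del RESET_TOKENS[token_id]            # single use: a replayed link does nothing
    register(rec["user"], new_password)   # re-salt and re-hash the new password
    return True


if __name__ == "__main__":
    register("alice", "correct horse battery staple")
    link = reset_link(issue_reset_token("alice"))
    print("mail body would contain:", link)
    token = link.split("token=", 1)[1]
    print("reset accepted:", redeem_reset_token(token, "new password"))
    print("old password still works:", verify_password("alice", "correct horse battery staple"))
```

The constant-time comparisons and the dummy KDF call for unknown users are small details, but they are the kind that distinguish a reset flow that merely avoids plaintext from one that also avoids leaking which accounts exist.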
I don't disagree with most of what you are saying, and would add that good security practice is a shared responsibility. Sharing passwords across sites is the user equivalent of storing passwords in plain text, i.e. it might be secure enough until it's not.