Re: Passwords in emails

[Al Mac Wheel <macwheel99@xxxxxxxxxx>]

Before e-mailing anything confidential, do a test that you have the new 
contact e-mail address correctly transcribed, otherwise your password may 
be sent to the wrong person.

Just as IT/400 personnel can read MSG/400 that people send each other and 
may think are private just sender and receiver, e-mail archive management 
personnel can read any e-mail between any employees.  But there is so much 
of it, no one is interested in reading all of it.

Moving into the future, Patriot Act mentality will require ISP archiving of 
all e-mail & all voice telephone traffic because within that vast personal 
and business traffic there is the remote chance of some terrorist 
communications to be mined by seeking key words.  C-Span covered the court 
case against AT+T copying of personal communications for NSA.  That was not 
just phone traffic.

Our private communications are not private.  But the threats to our privacy 
are less from government snooping, than the identity theft and financial 
theft underworld.

 ChadB@xxxxxxxxxxxxxxxxxxxx wrote:

> The point to realize is that once it leaves your own infrastructure,
> ANYTHING could happen to that email.  In most cases, that will be
> nothing... it will arrive on a destination server and then be kept nowhere
> else.  But the potential for it to be read or kept elsewhere is there;  so
> if it's a password to a crucial or valuable resource, it's probably a bad
> idea to send a password in clear text.  If for no other reason than as a
> CYA measure!
>
> There are alot of measures taken in IT security that are done for the sake
> of auditor comfort or really, really long shot vulnerabilities.  I see this
> issue as the same sort of thing... the potential for exploitation or
> trouble is pretty remote, but why open up the chance?