Welcome to the forum:
Our moderators actively respond to forum support requests during normal business hours which are Monday-Friday, 8am - 5pm Central Standard Time, typically within one business day. Although some moderators choose to work during the weekends, we can not guarantee immediate attention to your requests. Thanks for understanding.
What is included with support:
Premium support includes theme/plugin issues such as: bugs encountered under normal operation, how to use basic features, basic WordPress help, and basic help with customization (meaning we point you to resources and will help in more depth as time allows). More information.
Posted 31 January 2014 - 10:10 AM
It is a basic password security issue that account passwords should be encrypted, hashed and salted so that not even the iThemes support staff need to see our passwords. Sending passwords in plain text in e-mail is quite irresponsible.
For websites that maintain plain text passwords, I usually don't bother to even complain; I just change to a low security password that I don't care about. However, I sincerely hope to have a long relationship with iThemes, so I really do care enough to complain about this.
Could you please change your password policy so that user passwords remain invisible and unknown even to support staff?
Posted 03 February 2014 - 01:21 PM
The email being sent out with the input password is part of the old system that we built our membership system out of. Over the years, we've removed piece after piece of that old system, but some of it still remains. That email is one of the remnants.
I mentioned this to our internal developer to see about getting a roadmap together for replacing the remaining bits with something improved in both the sense of security and features. As some of this is baked deep into the code of that system, it will likely take some time to develop a new solution.
Thanks for reminding us of it as those of us in the office rarely see some of those messages.