I registered for a webpage years ago and have been using it without issues, today I made some changes to my account and they sent me an email containing my username and password in clear text.
I sent the company an email questioning their password handling procedures, but they claimed it was watertight.
My question is: When they send me my password in clear text does that mean they are actually storing it in cleartext (or in a easily reversible cryptographic way)?
I thought the whole point was that the password was hashed in a non-reversible fashion?