Sending passwords through email is a common practice. It is also a very bad practice. If you are on the receiving end of a password transferred this way, be sure to change it immediately after logging in. If you remain uncomfortable, ask the sender to reset the password and use the telephone to acquire the new password.
Be very wary about trusting sensitive information with any system administrator who insists that passwords via email are safe. What other practices are considered safe at this site? Would you trust this person to protect your credit card number, for example?
Emailed passwords are dangerous for all of the following reasons:
Whether you are sending or receiving a password, security best practices recommend that you avoid email entirely. Play it safe. It's always the best policy.
Knowledge is power. The Bitmill Inc. encourages links to our site. To link to this page, please cut and paste the following HTML code into your web page source file.
<a href="http://www.thebitmill.com/articles/password_email.html">Passwords in Email</a>
Your link will look like this:
Passwords in Email
Thank you for your interest and support.