@Hyoka
The idea isn't that a person will get your password through your email, it's that they'll get everyone's passwords via the database the site stores them in. Currently, that's impossible, because the site doesn't store the passwords at all- it stores some sort of randomly generated nonsense that is invented. The nonsense isn't just a simple translation, it's completely random, so even if someone got into the database, they wouldn't be able to figure the passwords from it. Essentially, this way of setting things up is nearly 100% safe, while storing the passwords is inherently risky.
If I'm remembering right, after there was a big scare with some other site's database being hacked, FR upped their security because a lot of the users demanded it. Everyone had to make a new password at that time. It think it was then that they added this extra hashing, I don't think it was always how the site worked. Given that they added it post-release, and given that the change was prompted by user demand, I doubt they'd remove it.
The idea isn't that a person will get your password through your email, it's that they'll get everyone's passwords via the database the site stores them in. Currently, that's impossible, because the site doesn't store the passwords at all- it stores some sort of randomly generated nonsense that is invented. The nonsense isn't just a simple translation, it's completely random, so even if someone got into the database, they wouldn't be able to figure the passwords from it. Essentially, this way of setting things up is nearly 100% safe, while storing the passwords is inherently risky.
If I'm remembering right, after there was a big scare with some other site's database being hacked, FR upped their security because a lot of the users demanded it. Everyone had to make a new password at that time. It think it was then that they added this extra hashing, I don't think it was always how the site worked. Given that they added it post-release, and given that the change was prompted by user demand, I doubt they'd remove it.
Collector of