This makes me LMFAO,the NSA\GCHQ are taking the proverbials.
Ever changed a login name\user password on some site & get the whole caboodle in plain TEXT in a 'confirmation' email from the website?
It's a known FACT that NSA\GCHQ collect the content of ALL emails & share the data between them.
It doesn't take a high IQ to figure out just how stupid these sites are,when they do this.
I blame Microsoft for the above mess,one should be able to use a PINsentry device as a password system,it's impossible to defeat as only the pin holder knows the key & any capture is pointless when it's only valid one time.