I'm considering getting a new web host. Imagine this scenario: because you're a good webmaster or site owner you decide to change all of the passwords on your site accounts. This includes FTP, email, control panel admin, etc. When you go to change the FTP user account password, you encounter this message:

You've got to be kidding me. As you can see in the image, the attempted password is "P4$$worD". In this day and age you'd think that any site hosting any type of account that a customer is paying for would allow strong passwords. I don't even want to know why they don't allow non-alphanumeric characters.

In addition, the password is displayed in the browser without being masked! You can't get much more fundamentally unsecure than that. I've noticed this not only in FTP user maintenance but also with email user maintenance screens.

I'm probably compromising the security of my FTP server by writing this post and broadcasting the fact that my host's FTP passwords are weak (or medium-strength at best). But for those of you looking to use WebHost4Life.com as a web host then I urge you to reconsider.