This will be done eventually. Right now we utilize this information to help users that have lost their email, alias and other information that would basically cause them to have to re-purchase a membership. This is not a banking or other highly secure website. We do not store real names, any financial data, birthdates, etc. Only alias, email and password. We have 3 very restrictive firewalls, one being hardware and two being software to protect our web application. The entire site utilizes SSL as well as HSTS. The storing of passwords in plain text poses no threat to your online security if you utilize separate passwords for each website or application like you should be doing. There have been BILLIONS of user accounts compromised from huge organizations like Yahoo, Target, ebay, Home Depot, PSN, etc (
Link. Except in these cases, criminals didn't get away with passwords, they got real names, birthdates, social security numbers, credit card numbers and a ton of other information that could be used to steal a person's entire identity. I remember one hack of like 500 MILLION accounts that kept everything in clear text, but at least the password was encrypted! Personally I would rather have my password leaked than ALL of my personal details like birthdate and social security number. I can change my password, I can't change that other stuff. If you are uncomfortable with our current security practices, I will be happy to delete your account along with all traces of it.