Comment 6 for bug 265179

Ran into this today, believe it or not, on the Python mailing list. I'm surprised that bad security is justified by referring to bad policy documentation... as if the fact that a bad idea written as policy on a subscription page makes it suddenly a good idea or beyond criticism. IMHO Users should not be told to "follow instructions" to compensate for lax handling of password data, no matter how trivial it may seem.