Not only is the email insecure, but they must have posted my password up to their server in plain text too #security101