If a website you've signed up to emails your password to you, you've got a security problem that should send you running.

Sadly, no authority is tackling shoddy management of the keys to people's online lives, but thankfully two software developers from Israel are waging a campaign with the only means available: naming and shaming perpetrators.

In 2011 Igal Tabachnik and Omer van Kloeten launched the website Plain Text Offenders, which now has 25,000 followers on Tumblr and has become the go-to noticeboard for outing organisations that fail to encrypt their user's passwords.

Plain Text Offenders has named 3100 sites for the practice, among them dozens Australian organisations that should know better, including the Australian Taxation Office, Australia Post, AGL, BigPond,Kennards, MyDeal.com.au, Melbourne IT, Moshtix, Pearsons, Pizza Hut, The Good Guys, Ticketek and TPG.

"Back in April 2011, I mentioned over Twitter that I was pissed off about yet another site emailing me my password in plain text," van Kloeten told Fairfax Media.