I have had good luck a couple of times finding good vinyl on MusicStack when the prices or availability on Discogs has fallen short. If anyone remembers, my incident with the Nat Adderley Calling Out Loud record, listed as near mint, was in unsuitable condition. After returning it to the seller, I found a sealed copy on MusicStack for half the price. Likewise, a recent search for a specific record turned out successful on MusicStack when copies on Discogs were selling for more than double the price. It's a source we shouldn't rule out using.
As a caveat, though, I had forgotten my login information for MusicStack and after finally realizing which email address I used, I went to retrieve my password.
It wasn't a password reset. They sent my password to me, in plain text. Not good.
Thankfully, monetary transactions take place through PayPal, yet it does not sit well with me that they are not storing information securely. Without getting way too technical, just about all sites on the Internet encrypt passwords with a one-way process and store them in the database that way. Including our site here. When a person logs in, they enter a password and it is similarly encrypted--if the end results matches the encrypted version in the database, then they are allowed access. If a password is loss, we cannot retrieve it--that is why we use a password reset feature.
Granted, there isn't much stored on MusicStack. And our information travels encrypted over the Internet using SSL, so a forgotten password email isn't quite so harming. But if their database is ever hacked, our email and password are exposed to the public. And if you are someone who reuses the same password in many places, that is fair game for a hacker trying your email address and password combination on other sites.
Advice?
Don't be too scared off by it. Remember, payments go through PayPal, and that user ID/password combination bypasses MusicStack. For the site itself, use a complicated, unique password that you use nowhere else. If you already have an account, change your password as soon as possible, and delete as much identifying information as you can.
