Logo by mauxuam - Contribute your own Logo!
News: Support us via Flattr FLATTR Link
 
*
Welcome, Guest. Please login or register. August 23, 2014, 05:34:00 AM


Login with username, password and session length



Pages: [1]   Go Down
  Print  
Share this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on RedditShare this topic on StumbleUponShare this topic on Twitter
Author Topic: Insecurity during Forum Registration  (Read 651 times)
0 Members and 1 Guest are viewing this topic.
joeytwiddle
Guest
« on: June 03, 2011, 12:58:35 AM »

When I registered a new forum account, the forum sent me an email which contained my password in PLAINTEXT!

I don't think it should do that!

The message was:

Your registration request at Welcome to Fractal Forums has been received, joeytwiddle.

The username you registered with was joeytwiddle and the password was XXXXXXXXX.
Logged
Sockratease
Global Moderator
Fractal Senior
******
Posts: 2241



« Reply #1 on: June 03, 2011, 01:37:25 AM »

When I registered a new forum account, the forum sent me an email which contained my password in PLAINTEXT!

I don't think it should do that!

The message was:

Your registration request at Welcome to Fractal Forums has been received, joeytwiddle.

The username you registered with was joeytwiddle and the password was XXXXXXXXX.

As far as I know, that part of the forum is automated and cannot be adjusted.

It's no real security lapse at all though.  You can, and should if concerned, change the password immediately after activating the account.  The email is then worthless.

Sorry it bothered you, but I think there's no way to change that.

Christian  (our Fearless Leader)  may know for sure though   police
Logged

Life is complex - It has real and imaginary components.
Xazo-Tak
Navigator
*****
Posts: 77



« Reply #2 on: September 06, 2011, 12:05:33 AM »

Do you have someone watching over your shoulder as you do emails? Is someone actually interested in stealing a brand new (and so not very valuable) forums account? I don't think so.
Logged

I lost the game!
cbuchner1
Fractal Phenom
******
Posts: 440


« Reply #3 on: September 06, 2011, 12:24:10 AM »

Do you have someone watching over your shoulder as you do emails? Is someone actually interested in stealing a brand new (and so not very valuable) forums account? I don't think so.

The issue is that email can be scanned easily by any third party that it is passing through (various ISPs). It's essentially like sending a postcard.  And a lot of people re-use their passwords a lot, which makes it even more dangerous when such passwords get compromised.
Logged
cKleinhuis
Administrator
Fractal Senior
*******
Posts: 5488


formerly known as 'Trifox'


WWW
« Reply #4 on: September 06, 2011, 01:03:53 AM »

....it has been since ever since, and it stays there, i was thinkin about it, but, i came to the result that convenience superiors security cheesy
and when you let it send to you it is also send in clear text, e.g. for password retrieval

though i think smf2.x forums uses a better pw management system... but dunno about that...
Logged

---

divide and conquer - iterate and rule - chaos is No random!
Pages: [1]   Go Down
  Print  
 
Jump to:  


Related Topics
Subject Started by Replies Views Last post
USA Copyright Office to Increase Registration Fee Commission an Artist Nahee_Enterprises 3 22229 Last post September 06, 2011, 12:31:46 AM
by Xazo-Tak
New to Forum - Hi from New Orleans Meet & Greet wolfepaw 6 908 Last post October 25, 2010, 03:15:50 AM
by Fiery
New to forum Meet & Greet nc4tc 6 763 Last post February 09, 2009, 10:35:23 PM
by cKleinhuis
A New Forum Has Started Chaoscope Nahee_Enterprises 1 699 Last post April 03, 2009, 07:25:14 PM
by The_Fractalist
New to this forum Meet & Greet fractalbob 2 484 Last post July 02, 2009, 12:48:17 AM
by Nahee_Enterprises

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2013, Simple Machines

Valid XHTML 1.0! Valid CSS! Dilber MC Theme by HarzeM
Page created in 0.177 seconds with 28 queries. (Pretty URLs adds 0.01s, 2q)