Trending Games | Guild Wars 2 | Final Fantasy XIV: A Realm Reborn | Warhammer 40K: Eternal Crusade | EverQuest

  Network:  FPSguru RTSguru
Login:  Password:   Remember?  
Show Quick Gamelist Jump to Random Game
Members:2,920,513 Users Online:0
Games:760  Posts:6,311,777
Bigpoint | Play Now
MMORPG | Genre:Sci-Fi | Status:Final  (rel 2011)  | Pub:Bigpoint
PVP:Yes | Distribution:Browser | Retail Price:n/a | Pay Type:Free | Monthly Fee:n/a
Browser GameOut of date info? Let us know!

Battlestar Galactica Online Forum » General Discussion » *Beware!* Unsecured account information!

2 posts found
  BadSpock

Hard Core Member

Joined: 8/21/04
Posts: 7769

Logic be damned!

 
OP  9/16/11 1:13:57 PM#1

So I tried this game for a few hours like a week ago. Meh, not bad but not worth my time.

Anyways -

Then today, out of the blue, I get an e-mail from Bigpoint that has not only my username but also my PASSWORD in plain-text format.

This is bad, this is very bad.

E-mailing me my password in plain-text format means that they have NO encrpytion what so ever on their account database, which means eventually they WILL get hacked and account info WILL get published out to the web.

I kindly e-mailed them to get my information purged from their database and informed them of the wonders of encryption and salts / hash lol

Case in point - don't trust any online game that doesn't understand or implement even the most BASIC of security precautions and certainly do NOT give them any money unless you want your identity stolen by hackers.

Now Playing: Destiny, WoW

  Phry

Elite Member

Joined: 7/01/04
Posts: 5517

9/16/11 1:15:46 PM#2
Originally posted by BadSpock

So I tried this game for a few hours like a week ago. Meh, not bad but not worth my time.

Anyways -

Then today, out of the blue, I get an e-mail from Bigpoint that has not only my username but also my PASSWORD in plain-text format.

This is bad, this is very bad.

E-mailing me my password in plain-text format means that they have NO encrpytion what so ever on their account database, which means eventually they WILL get hacked and account info WILL get published out to the web.

I kindly e-mailed them to get my information purged from their database and informed them of the wonders of encryption and salts / hash lol

Case in point - don't trust any online game that doesn't understand or implement even the most BASIC of security precautions and certainly do NOT give them any money unless you want your identity stolen by hackers.

that kind of thing can give companies a bad name.... after the sony debacle people are a bit wary about how their personal data is treated.. or perhaps we're just becoming more aware..