25 Jul 05
Anyone logged in as someone else can currently steal your password simply by changing the e-mail to their own. It then e-mails that address with the password. Please make it so you must retype your password to make personal adjustments. This will cut down on a big security hole. Of couse you shouldn't stay logged in on a computer you don't trust, but still...
25 Jul 05
Originally posted by Coconut??? How can I log in as " someone else" without knowing the "someone else" email address ?
Anyone logged in as someone else can currently steal your password simply by changing the e-mail to their own. It then e-mails that address with the password. Please make it so you must retype your password to make personal adjustments. This will cut down on a big security hole. Of couse you shouldn't stay logged in on a computer you don't trust, but still...
25 Jul 05
Originally posted by CoconutWell,I guess it can be done only if you leave your login informations on a public computer.
If someone left themselves logged in, you could take that account's password.
If you're clever enough to delete cookies after you ended your session,let's say in a public library, that trouble cannot happen.
25 Jul 05
Originally posted by RavelloI know, but I also know that in the computer service business you must try to accomodate to the dumbest customer. Someone leaving their account on can get their games moved in, but we should try to avoid stolen accounts, or worse:
Well,I guess it can be done only if you leave your login informations on a public computer.
If you're clever enough to delete cookies after you ended your session,let's say in a public library, that trouble cannot happen.
Often people use the same password. Get one password, you get the e-mail password, you get the bank account password. Now a few lost games is one thing, but when the system allows one mistake to give someone your whole account, that needs to be fixed.
Russ?