So as it turns out the login page for the ALiVE War Room isn't secured and any sensitive data, according to both opera and chrome, can be taken easily. Due to this I spent about 15 minutes changing almost all my passwords as I realised that basically some of my accounts could easily be compromised. So whoever runs the ALiVE site should get onto that.
-
7 years ago
-
There's no need to put anything sensitive on War Room
-
Edited 7 years ago by Audric
@Friznit There's no need to put anything sensitive on War Room
You know, other than your password to log in. Not everybody uses unique passwords for every site. So unless I'm misinformed, a password is considered "sensitive" data.
-
I really don't see why someone would be using sensitive personal information for a website related to video games.
Regardless, they are looking into fixing this and thanks for bringing it to the dev's attention.
-
@Audric You know, other than your password to log in. Not everybody uses unique passwords for every site. So unless I'm misinformed, a password is considered "sensitive" data.
Technically passwords are not considered sensitive data themselves. However, you are correct that it's good practice to have some level of site security on a website login page, if for no other reason to reduce the risk of compromising username/password combinations that may have been inadvertently re-used elsewhere. Given our lack of web dev resource and the fact that ALiVE War Room has no sensitive data in it, it's been a low priority til now but we will fix in due course.