*Beware!* Unsecured account information!

BadSpock

So I tried this game for a few hours like a week ago. Meh, not bad but not worth my time.

Anyways -

Then today, out of the blue, I get an e-mail from Bigpoint that has not only my username but also my PASSWORD in plain-text format.

This is bad, this is very bad.

E-mailing me my password in plain-text format means that they have NO encrpytion what so ever on their account database, which means eventually they WILL get hacked and account info WILL get published out to the web.

I kindly e-mailed them to get my information purged from their database and informed them of the wonders of encryption and salts / hash lol

Case in point - don't trust any online game that doesn't understand or implement even the most BASIC of security precautions and certainly do NOT give them any money unless you want your identity stolen by hackers.

Phry

Originally posted by BadSpock

So I tried this game for a few hours like a week ago. Meh, not bad but not worth my time.

Anyways -

Then today, out of the blue, I get an e-mail from Bigpoint that has not only my username but also my PASSWORD in plain-text format.

This is bad, this is very bad.

E-mailing me my password in plain-text format means that they have NO encrpytion what so ever on their account database, which means eventually they WILL get hacked and account info WILL get published out to the web.

I kindly e-mailed them to get my information purged from their database and informed them of the wonders of encryption and salts / hash lol

Case in point - don't trust any online game that doesn't understand or implement even the most BASIC of security precautions and certainly do NOT give them any money unless you want your identity stolen by hackers.

that kind of thing can give companies a bad name.... after the sony debacle people are a bit wary about how their personal data is treated.. or perhaps we're just becoming more aware..