Just tried out iCab again after many months off (really like it now), but was horrified to see that my MLA cookie has both my username and UNENCRYPTED password in it!
Not to be paranoid, but this is most definitely not a comforting thought!
Can anything be done about this without causing too many headaches for the moderators or webmaster?
Posted - 19 Aug 2002 : 20:40:31
I just checked my cookies as well (IE 5.2.1 X). Sitting right there is my username and password unencrypted. Apparently the information is not encrypted from the Snitz 2000 forum software.
------------------ Captain Z - Mobile Operations Commander 68K Macintosh Liberation Army 23 68K Macs Liberated
Posted - 19 Aug 2002 : 21:14:27
Yeah, turn off cookies and log out. Nah, sorry, I don't know much about how Snitz handles cookies and/or how to make it better.
Posted - 19 Aug 2002 : 21:38:49
Chances are good that the forum software is all embedded and we can't change it, but it is definitely something that we can mention to the developers to add/change for a more secure login.
_______________________ Sgt. Thelip Heavy Weapons Specialist - 950 division Liberated Macs: 12 ** SEE IF MY NEWTON IS ONLINE AT nsa68k.kicks-ass.net ***
Whoa! Major cookiejar security problem here!
Posted - 19 Aug 2002 : 20:08:14
68k of the Week: kastegir's PowerBook 180.