winbig
Keep winning this amount.
- Joined
- Mar 10, 2005
- Location
- Pennsylvania
I recently signed up at a casino that shall remain nameless, but I was surprised when I recieved 3 emails from them. One included the password I used to sign up.
When I emailed them telling them how insecure this practice was, I was greeted by this email:
My reply (waiting on answer):
*shakes head*
When I emailed them telling them how insecure this practice was, I was greeted by this email:
Dear Brian,
Thank you for contacting xxxx Casino, this is Karen from the support team.
We are sorry that you feel this way however, you are the only person should have access to your email address due to the fact that you need a password to get in.
The email address that you register on your account is the one that you receive information to so if you are saying your email address is not safe, you could change it or your password.
My reply (waiting on answer):
Do they not get it? Sending out passwords via plain text in emails is totally uncalled for and insecure as hell. I don't see Neteller, Paypal, my bank, or any other business that deals with money sending out passwords via emails. Maybe they should take a hint?There's many ways to intercept packets from the network an email is sent from, as well as along the way. Any sensitive information that is sent via plain text is very insecure.
I don't see Neteller, Paypal, my Bank, nor any other service that can potentially lead to monetary loss sending my password out via email.
If a person loses their password in the above cases, they will either make you call them to recieve a new one, or have something setup on their website, that is over a SSL (encrypted) connection, to reset your password after answering certain security questions to ensure it's actually the person in question.
*shakes head*