They just don't get it!

winbig

Keep winning this amount.
Joined
Mar 10, 2005
Location
Pennsylvania
I recently signed up at a casino that shall remain nameless, but I was surprised when I recieved 3 emails from them. One included the password I used to sign up.

When I emailed them telling them how insecure this practice was, I was greeted by this email:

Dear Brian,

Thank you for contacting xxxx Casino, this is Karen from the support team.

We are sorry that you feel this way however, you are the only person should have access to your email address due to the fact that you need a password to get in.

The email address that you register on your account is the one that you receive information to so if you are saying your email address is not safe, you could change it or your password.

My reply (waiting on answer):
There's many ways to intercept packets from the network an email is sent from, as well as along the way. Any sensitive information that is sent via plain text is very insecure.

I don't see Neteller, Paypal, my Bank, nor any other service that can potentially lead to monetary loss sending my password out via email.

If a person loses their password in the above cases, they will either make you call them to recieve a new one, or have something setup on their website, that is over a SSL (encrypted) connection, to reset your password after answering certain security questions to ensure it's actually the person in question.
Do they not get it? Sending out passwords via plain text in emails is totally uncalled for and insecure as hell. I don't see Neteller, Paypal, my bank, or any other business that deals with money sending out passwords via emails. Maybe they should take a hint?

*shakes head*
 

nektar4d

Dormant account
Joined
May 9, 2005
Location
European Union
Many Playtech casinos email the password

Good point winbig.

Actually many playtech casinos do that. Its not a new problem.
I suppose its because there is no "remember password" option in the login screen, so that you may come back easier as a player at a later time... As of today there have been a few playtech with that option installed and its convenient.

Also, if you happen to change the currency a new account is created where many casinos email the new password. And there is no option inside the lobby for the player to change it manually, which is unacceptable for security.
(I remember only Acropolis sent me a new password and when I login, I was asked automatically by the software to change the password with my choise).

I do believe Playtech should improve all these procedures for our security.
(All MG casinos have both "remember password" and manual change options)
 

Slotster!

I predict a riot.
Joined
Oct 17, 2004
Location
Location, Location!
What's hilarious is where they say you need a password to access your email... Really? No shit Sherlock!.. I really wonder who gives these people the responsibility of representing their organisations sometimes!

If my CS people were anywhere near the enormous amount of horror stories I read from casino's - I'd be out of business in a week!!!
 

winbig

Keep winning this amount.
Joined
Mar 10, 2005
Location
Pennsylvania
This reminds me, did RTG ever change their ways on how you cash your comp points in? Last time I played at an RTG you were directed to an insecure (not https) webpage, whereupon you had to enter your account number AND password to get in. Hackers would have a field day with this.

If you ask me, if they want to continue to send out passwords via email, they should use PGP. There's plenty of freeware programs to use for this method of communication, and it wouldn't take long for them to create a tutorial on how to use it; although it's pretty simple.
 

tennis_balls

Dormant account
Joined
Mar 18, 2006
Location
Albuquerque, NM
winbig said:
I recently signed up at a casino that shall remain nameless, but I was surprised when I recieved 3 emails from them. One included the password I used to sign up.

I wish you would go ahead and name this casino so anyone reading this thread would know to avoid them.
 

winbig

Keep winning this amount.
Joined
Mar 10, 2005
Location
Pennsylvania
tennis_balls said:
I wish you would go ahead and name this casino so anyone reading this thread would know to avoid them.


Well, since I just noticed the other thread with major problems regarding this casino, I will.

It's Sierra Star.

What really gets me about these emails (I never recieved a reply to the last message I sent although I recieved one in about an hour from my original message) is the fact that they went on the defensive right off the bat with the attitude of "You're stupid, we know what we're doing and won't change a thing", instead of "Thanks for the suggestion, I'll forward it to the appropriate party for consideration" - Then proceeding to ignore my explanation of why in fact they need to change this practice.
 

bb1webs

Webmaster
Joined
Apr 4, 2005
Location
BondedCasinos.com
I really wonder who gives these people the responsibility of representing their organisations sometimes!

Me too!

And its not like we're talking about businesses which have little need for a competent rep. In this niche confidence, competence and courtesy is everything.

Contrary to what the casino apparently thinks .. the confidence is not in the casino's certainty of their own competence but rather the confidence they are able to instore in their customers by PROVING competence ... and even if the stupid b#!#&&#!s were actually correct in their stance ... they ought to have enough sense to not insult their players by pointing it out in such a rude manner.

.... IF they had actually been correct. :rolleyes:
 

Buddy

Dormant account
Joined
Mar 3, 2006
Location
UK
Cor blimey

I can't believe is casino and its excuse. What a bunch of amatuers. Screams of desperation and/or a complete lack of management. :eek:
 

winbig

Keep winning this amount.
Joined
Mar 10, 2005
Location
Pennsylvania
Why can't they just follow suit with Global-Player?


If you wish your correspondence with the Global-Player Casino to be private and confidential, please use one of our PGP keys.
 

paul02085

Dormant account
Joined
Jan 29, 2002
Location
USA
Poor casino management. A subject dear to my heart. I have been bitching about this for years, lol. Might as well beat your head against a wall. For every 32 Red there are 100 Sierra Stars.
 

AussieDave

Banned User
Joined
Dec 24, 2005
Location
Australia
Depending on the casino and where its support centre is based, pretty much determines the quality of responses your going to receive.

(not that this 100% fool proof).

I've found trying to converse with a high number of CSR's based where English is their second language, your going to hit problems.

I've tried to over come this with both emails and phone (both in clear simple English) but nothing works.
Even hard copy & pastes from their casino's web site leaves you feeling in need of a triple scotch when trying to get sense out of a basic question, let alone a more complex issue.
 
Top