Page 1 of 1
registration e-mail
Posted: 23 Aug 2006, 06:37
by Cosmostrator
A suggestion for better security on the forums. When I registered the comfirmation e-mail had both my username and password in plain text. This seems like it would be something too easy to exploit. I would prefer not to recieve my password at all.
Thanks for making a great game.
-DAVe
Posted: 23 Aug 2006, 07:10
by ElvenProgrammer
Unfortunately phpBB does not seem to support this feature yet.
Posted: 23 Aug 2006, 12:05
by Crush
in my opinion all automatic registration services should have an optional box to paste a public pgp key so one can receive all automatic emails encrypted.
too bad that pgp doesn't get wide acceptance. it is a really useful technology.
Posted: 28 Aug 2006, 19:38
by Platyna
Actually PGP is pointless if you use encrypted SMTP negotation on both sides. About plain passwords, forums are generally not meant as a secure software, same as majority of web applications, so it is good to use different passwords for any of them, and to use some temporary passwords while registering.
Regards.
Posted: 28 Aug 2006, 19:44
by Crush
Platyna wrote:Actually PGP is pointless if you use encrypted SMTP negotation on both sides.
encrypted transfer of the emails doesn't protect you from security flaws or indiscretion on the side of your email provider.
Posted: 28 Aug 2006, 19:53
by Platyna
Actually you can use a cannon to kill a fly, but would you?
Regards.