Jump to content
MakeWebGames

Europeangangsters

BlueEG

By BlueEG
in Show off

 Share

Recommended Posts

  • 2 weeks later...
BlueEG Newbie

BlueEG

Posted
  • Author
Posted (edited)
8 hours ago, radio_active said:

Do you have a demo account we can try?

Username: MWGDemo

Password: demo

Edited by BlueEG
DAMINK Newbie

DAMINK

Posted
Posted

Registered.   No validation required.... Ok.

Got an email sent to me anyway with what appears to be an attempt to send me my password back?  

"Dear DAMINK, you are now registered at European Gangsters, you used the ip xx.xxx.xxx.xxx To login, simply go to EuropeanGangsters.com and enter in the following details in the login form: Username: DAMINK Password: Please print this information out and store it for future reference. Thanks,"

If so then i have a couple of concerns.

1) Are the passwords salted?  or secured in any way?

2) Sending info like username and passwords over email is a bad idea.  A NO NO infact!  Make a recovery form with some sort of token.

BlueEG Newbie

BlueEG

Posted
  • Author
Posted
1 hour ago, DAMINK said:

Registered.   No validation required.... Ok.

Got an email sent to me anyway with what appears to be an attempt to send me my password back?  

"Dear DAMINK, you are now registered at European Gangsters, you used the ip xx.xxx.xxx.xxx To login, simply go to EuropeanGangsters.com and enter in the following details in the login form: Username: DAMINK Password: Please print this information out and store it for future reference. Thanks,"

If so then i have a couple of concerns.

1) Are the passwords salted?  or secured in any way?

2) Sending info like username and passwords over email is a bad idea.  A NO NO infact!  Make a recovery form with some sort of token.

 

 

Passwords are encrypted with BCrypt

And the password sending was removed after the testing phase, we just missed off removing from the email

To reset password we have it send an auth code to the email which you enter upon a reset password page to change the password.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...