|
#1
|
|||
|
|||
WPEX security issue
It's not major, but I just noticed on wpex that if you type your password in, you can type anything after it and it will still log you in.
example if your password was dog, it would accept dog1, dogfood, dog1food, etc I know its not that big of a deal but it makes me wonder what other problems they could potentially have with their software.... * * * Edit/MH: If this is true, it is a very serious issue and deserves its own thread outside the Official thread. |
#2
|
|||
|
|||
Re: WPEX security issue
[ QUOTE ]
It's not major, but I just noticed on wpex that if you type your password in, you can type anything after it and it will still log you in. example if your password was dog, it would accept dog1, dogfood, dog1food, etc I know its not that big of a deal but it makes me wonder what other problems they could potentially have with their software.... [/ QUOTE ] Wow. That IS a big deal. Seriously. |
#3
|
|||
|
|||
Re: WPEX security issue
i could log into their casino site omitting the last letter/number of my password. DOPE
|
#4
|
|||
|
|||
Re: WPEX security issue
I have not been able to replicate this on the sports site or poker client. The casino forces you to log in through the sports site from the sports side or come from the poker room.
Fred Balfour GM WSEX.com |
#5
|
|||
|
|||
Re: WPEX security issue
[ QUOTE ]
I have not been able to replicate this on the sports site or poker client. ... Fred Balfour GM WSEX.com [/ QUOTE ] I was able to replicate it in the poker client. I have an 8 character password, the maximum length allowed, so, my guess is that the software is just tossing out any characters in excess of 8 as if they weren't entered. Can the original poster tell us if his pw was also 8 characters? B. |
#6
|
|||
|
|||
Re: WPEX security issue
[ QUOTE ]
[ QUOTE ] I have not been able to replicate this on the sports site or poker client. ... Fred Balfour GM WSEX.com [/ QUOTE ] I have an 8 character password, the maximum length allowed... [/ QUOTE ] There is a maximum allowed length of 8 characters?? WSEX GM, if this is true, what is the reason for this? Seems like a very bad idea from a security perspective. |
#7
|
|||
|
|||
Re: WPEX security issue
[ QUOTE ]
I have not been able to replicate this on the sports site or poker client. The casino forces you to log in through the sports site from the sports side or come from the poker room. Fred Balfour GM WSEX.com [/ QUOTE ] I was not able to duplicate this either. Every time I tried adding anything to my password I get a message saying "Wrong User Identification" |
#8
|
|||
|
|||
Re: WPEX security issue
[ QUOTE ]
I was not able to duplicate this either. Every time I tried adding anything to my password I get a message saying "Wrong User Identification" [/ QUOTE ] Less than 8 characters in your password? B. |
|
|