Has anyone else noticed that the logins here are unencrypted? Archived From: FatWallet


parquedematthew said: At first I admit I laughed, but in reality the ability to hijack someone's account and, let's say, cut a CashBack check to another address is a valid concern. If I recall correctly, I believe there have been users whose CashBack has reached hundreds or even thousands of dollars, correct? That's getting beyond petty amounts. You would only have to identify a user who makes a lot of purchases, intercept their login credentials and, when the time is right, cut yourself a massive check. Highly unlikely, but since we are talking real money here, you've got my vote OP.

If someone hacks into your account and requests a CB check, IIRC you will be notified via email that the check has been sent. If you receive this notification and you haven't requested CB yourself, you'll know that something is wrong and FW can cancel the check.



When using OpenID to log in, does authentication take place on OpenID's secure servers? If so, that could be an alternative for those who are uncomfortable with the non-SSL logon process.

As for those who want their street address secured, perhaps FW could offer a premium service for something like $1/month to help defray the costs of implementing SSL. Only those who subscribe to the premium service would be able to use the SSL server to protect their "sensitive" info.



jayK said: When using OpenID to log in, does authentication take place on OpenID's secure servers? If so, that could be an alternative for those who are uncomfortable with the non-SSL logon process.

As for those who want their street address secured, perhaps FW could offer a premium service for something like $1/month to help defray the costs of implementing SSL. Only those who subscribe to the premium service would be able to use the SSL server to protect their "sensitive" info.

Interesting, I didn't realize they had an OpenID option. I will have to check that out but it only solves part of the problem. I am familiar with OAuth and other similar SSO systems but not OpenID.



jcole21 said: It's pretty simple. As stated in the firm's response, your suggestion has been heard and dismissed. You can either leave if this is unacceptable to you, or you can stay and stop whining. You could also call the whambulance, or purchase some cheese to go with your wine.

It is what it is, take it or leave it.

I in no way considered the topic dismissed. I was offering my point of view. There is nothing wrong with having a discussion about it, and no need to flame the OP for wanting to discuss it.



jayK said: If someone hacks into your account and requests a CB check, IIRC you will be notified via email that the check has been sent. If you receive this notification and you haven't requested CB yourself, you'll know that something is wrong and FW can cancel the check.

If someone was able to "hack" into your account by obtaining the "unencrypted" password, wouldn't they be able to change the account's email address prior to submitting a CB request? Even though the email address change would not take effect until you click on the confirmation link in the notification email sent to the new email address, couldn't the hacker still direct that email to one of his/her known junk accounts? Just my opinion, but a good safeguard for email address changes would be to email the old email address with the change confirmation. Let's just hope the "real" FW account holder isn't using the same password for his/her email account.



HTN said: jayK said: If someone hacks into your account and requests a CB check, IIRC you will be notified via email that the check has been sent. If you receive this notification and you haven't requested CB yourself, you'll know that something is wrong and FW can cancel the check.

If someone was able to "hack" into your account by obtaining the "unencrypted" password, wouldn't they be able to change the account's email address prior to submitting a CB request? Even though the email address change would not take effect until you click on the confirmation link in the notification email sent to the new email address, couldn't the hacker still direct that email to one of his/her known junk accounts? Just my opinion, but a good safeguard for email address changes would be to email the old email address with the change confirmation. Let's just hope the "real" FW account holder isn't using the same password for his/her email account.
I would think that when you change your email address in your FW profile, a notification would be sent to your old email address. I've never changed my email address here, but that's usually how it works with web sites that store email addresses.



HTN said: jayK said: If someone hacks into your account and requests a CB check, IIRC you will be notified via email that the check has been sent. If you receive this notification and you haven't requested CB yourself, you'll know that something is wrong and FW can cancel the check.

If someone was able to "hack" into your account by obtaining the "unencrypted" password, wouldn't they be able to change the account's email address prior to submitting a CB request? Even though the email address change would not take effect until you click on the confirmation link in the notification email sent to the new email address, couldn't the hacker still direct that email to one of his/her known junk accounts? Just my opinion, but a good safeguard for email address changes would be to email the old email address with the change confirmation. Let's just hope the "real" FW account holder isn't using the same password for his/her email account.

Too many people do this, unfortunately. They also do the same thing for their banking passwords, etc. So you get into their primary email account and you own their life. This is one of the reasons I like to see sites hash passwords, so even if the database is compromised they only get (hopefully salted) hashes of user passwords. Sure, if it isn't salted someone can use rainbow tables to determine most weak passwords, but most attackers will look for easier avenues.



dalbers said: HTN said: jayK said: If someone hacks into your account and requests a CB check, IIRC you will be notified via email that the check has been sent. If you receive this notification and you haven't requested CB yourself, you'll know that something is wrong and FW can cancel the check.

If someone was able to "hack" into your account by obtaining the "unencrypted" password, wouldn't they be able to change the account's email address prior to submitting a CB request? Even though the email address change would not take effect until you click on the confirmation link in the notification email sent to the new email address, couldn't the hacker still direct that email to one of his/her known junk accounts? Just my opinion, but a good safeguard for email address changes would be to email the old email address with the change confirmation. Let's just hope the "real" FW account holder isn't using the same password for his/her email account.

Too many people do this, unfortunately. They also do the same thing for their banking passwords, etc. So you get into their primary email account and you own their life. This is one of the reasons I like to see sites hash passwords, so even if the database is compromised they only get (hopefully salted) hashes of user passwords. Sure, if it isn't salted someone can use rainbow tables to determine most weak passwords, but most attackers will look for easier avenues.

I can assure you, your password is very salty and hashed



They would still need to know what type of hash was applied before the rainbow table would work. Just getting the database wouldn't do them any good.



drodge said: They would still need to know what type of hash was applied before the rainbow table would work. Just getting the database wouldn't do them any good.

Very true; however, the password has to be hashed someplace, and that is usually done in the web app. Many sites hash the passwords when the form is posted, so the salt and hash are available there if they also have access to the web root. Or maybe the site uses a framework or web app like phpBB, where everyone knows how the password is hashed.

Still, storing the password as a salted hash is a great thing, and it is even better that FatWallet does it!
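The points made in the last few posts (a leaked table of unsalted hashes is exposed to a precomputed lookup, while a per-user salt defeats it and also stops identical passwords from producing identical records) can be shown directly. The following is an added example, not FatWallet's code or anything posted in the thread; it assumes PBKDF2-HMAC-SHA256 as the salted scheme, and the tiny "rainbow table" and the user records are constructed for the demo.

```python
import hashlib
import hmac
import os

# Constructed stand-in for a precomputed table: unsalted SHA-1 -> plaintext.
WEAK_PASSWORDS = ["password", "123456", "letmein", "fatwallet"]
UNSALTED_TABLE = {hashlib.sha1(p.encode()).hexdigest(): p for p in WEAK_PASSWORDS}


def store_unsalted(password: str) -> str:
    """Weak scheme: one deterministic hash, identical for identical passwords."""
    return hashlib.sha1(password.encode()).hexdigest()


def store_salted(password: str, salt: bytes = b"", rounds: int = 100_000) -> str:
    """Per-user random salt + PBKDF2-HMAC-SHA256; record is 'salt$rounds$hash'."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return f"{salt.hex()}${rounds}${digest.hex()}"


def verify_salted(password: str, record: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt_hex, rounds, digest_hex = record.split("$")
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                    bytes.fromhex(salt_hex), int(rounds))
    return hmac.compare_digest(candidate.hex(), digest_hex)


def lookup_leaked(records: dict) -> dict:
    """What the precomputed table recovers from a leaked user -> record dump."""
    return {u: UNSALTED_TABLE[r] for u, r in records.items() if r in UNSALTED_TABLE}


def demo() -> dict:
    # Constructed users; alice and bob deliberately share a weak password.
    users = {"alice": "password", "bob": "password", "carol": "letmein"}
    unsalted_dump = {u: store_unsalted(p) for u, p in users.items()}
    salted_dump = {u: store_salted(p) for u, p in users.items()}
    return {
        "unsalted_recovered": lookup_leaked(unsalted_dump),   # all three users
        "salted_recovered": lookup_leaked(salted_dump),       # nothing
        "unsalted_same_record": unsalted_dump["alice"] == unsalted_dump["bob"],
        "salted_same_record": salted_dump["alice"] == salted_dump["bob"],
        "salted_verifies": verify_salted("password", salted_dump["alice"]),
        "salted_rejects_wrong": verify_salted("Password", salted_dump["alice"]),
    }
```

The salted scheme still does nothing for a password captured in transit, which is the thread's original complaint; it only limits the damage of a database leak.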



No CC's or SSN's might be stored, but someone could hack an account and direct a CashBack check to themselves. The user might not even catch it for months...

Also, the hacker can try the email/username/password combination on other sites and get access to more important information.



chader144 said: Chiming in to point out that I run across a lot of bulletin boards that don't use SSL. Implementing SSL can become quite costly. I think the last time I looked, a good cert (Verisign) ran around $400 - $1000 per server. In my mind it is not worth the performance and actual costs of the certs to protect against the slim chance somebody wants to try and get your account. Plus, if they want it that badly, SSL probably is going to help and there are much easier ways of obtaining it.

Less than $30 per year at GoDaddy.



mudley said: I can assure you, your password is very salty and hashed

As great as it is that you are protecting the data on your end, you are putting your customers' accounts at risk of being compromised by not using SSL. Granted, the information someone could obtain may not be of the utmost secrecy, but nonetheless it should remain confidential if that's what your members want. SSL adds a tremendous amount of overhead, both on bandwidth and server processing. I'm not advocating SSL for accessing all areas of FW, but it would be in everyone's best interest if you at least used SSL for login pages and anything having to do with personal information, CashBack, etc.

My two cents.


© 1999-2009