AChat Forum

Support => Slip of the pen (Report bugs) => Topic started by: stray on May 06, 2013, 01:56:06 PM

Title: Vulnerability in login "cookie"
Post by: stray on May 06, 2013, 01:56:06 PM

Hello, I've just noticed that in

C:\Users\<username>\AppData\Local\AChat\personal\login.bin

are stored login details in clear, without any type of cryptography.

This could be how some cracker steal user accounts, he need just a little software that send the content of that file.
Could be possible to crypt it?

Thank you.

Title: Re: Vulnerability in login "cookie"
Post by: Brandybee on May 06, 2013, 02:38:31 PM

i am always happy if new ideas increase security for our members.

well done Stray for spotting a way to ensure our members keep safe.

Keep them coming.  I hope Achat Gods take note of this.   ;D

Title: Re: Vulnerability in login "cookie"
Post by: stray on May 06, 2013, 02:43:31 PM

Np ^^