Order confirmation email exposes password
  • Order confirmation email exposes password

    I just ordered an SNP test (L69, for the curious) and when the confirmation email arrived it had, in addition to my kit number, my full FamilyTreeDNA.com password in plain text. I'm sure this is an oversight and will be corrected ASAP? Having this type of information broadcast over an unencrypted and insecure medium such as basic email is asking for trouble.

  • #2
    It is not broadcasting, it is showing to YOU in an email that you should also have a password to access.


  • #3
    It's still a bad thing. If the email can get to you then you can always reset the password if you need to. In other words, there is zero value added by including it and some amount of risk.


  • #4
    Exactly, 1_mke. I had logged in to place the order, so I obviously knew my kit number and password and there was absolutely nothing gained and everything risked in including them in the email.

    Roberta, I was using "broadcast" in its "to transmit" definition. And unless you are accessing your email via an SSL connection or better (i.e., RSA token logins) there is absolutely no guarantee that you are the only person who can access those emails. The vast majority of email users in the world couldn't tell you if their client uses SSL, encrypted authentication, or clear text authentication. And in the case of the last, passwords are analogous to the basic push lock on the front door of a house. They keep honest people out, but a determined criminal can still find a way in.


  • #5
    Plus email is generally stored unencrypted on the server so anyone with elevated access to the email server would have the ability to look for passwords easily.


  • #6
    Remove Passwords from E-mails

    Hi,

    I have put in another request to have the password removed from the e-mails. No need to post this over here either. It is a valid site improvement request.


  • #7
    Originally posted by Rebekah Canada:
        Hi,

        I have put in another request to have the password removed from the e-mails.

    And if FTDNA does remove the password from those emails I predict a big increase in helpdesk calls/emails due to forgotten passwords.

    My guess is that a large number of customers don't ever log into their accounts unless they are prompted to by such emails.

    C'est la guerre.


  • #8
    Hi,

    You are right that that was exactly what happened back when we removed passwords from results and match notification e-mails. That is why the last time I updated those I added instructions on how to recover one's password.

    Originally posted by gtc:
        And if FTDNA does remove the password from those emails I predict a big increase in helpdesk calls/emails due to forgotten passwords.

        My guess is that a large number of customers don't ever log into their accounts unless they are prompted to by such emails.

        C'est la guerre.


  • #9
    Have there been any problems with stolen passwords reported?

    I can see the need for strong protection of my retirement account, but what would motivate someone to steal my FTDNA account? They want my test results that badly? It is not even the password for the forum so they could not use my id to post off-color jokes or something.

    I don't see a need to separate out the initial password from the kit id. I think that is a service, not a risk. You might explain in that letter how to change your password and suggest more strongly that they sign in and start to set up their family tree or surname list while the kit is being processed. They could also join projects at that stage.


  • #10
    There is nothing wrong with having your password sent in an email; that's how it's always been on all websites. What's this world coming to?

    Originally posted by gtc:
        And if FTDNA does remove the password from those emails I predict a big increase in helpdesk calls/emails due to forgotten passwords.

        My guess is that a large number of customers don't ever log into their accounts unless they are prompted to by such emails.

        C'est la guerre.


  • #11
    And how else are you going to send customers a password when they first purchase a kit? Snail mail? I suppose you could send the kit no. & purchase info in one email and the password in a separate email, but I don't think it's worth the bother.


  • #12
    Hi,

    Maybe we will do it like we do GAP sign ups these days. You click on a link to set your PW the first time. I am not sure what we are going with yet though.

    If I were feeling caustic... no... I will not say it.

    Originally posted by MoberlyDrake:
        And how else are you going to send customers a password when they first purchase a kit? Snail mail? I suppose you could send the kit no. & purchase info in one email and the password in a separate email, but I don't think it's worth the bother.


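    The "click a link to set your password the first time" flow mentioned in #12 (and the reset-instead-of-email point from #3) can be built so the confirmation e-mail never carries a credential, which also sidesteps the two-email split suggested in #11. The sketch below is an added illustration, not FTDNA's code; the kit numbers, the e-mail wording, the example.invalid link host and the 24-hour lifetime are all assumptions.

```python
import hashlib
import secrets
import time

TOKEN_TTL_SECONDS = 24 * 3600  # assumed policy: a set-password link lives one day

# Server-side state (stand-ins for real database tables).  Only a hash of each
# token is kept, so a copy of this table or its backups cannot be used to finish
# a sign-up on the customer's behalf.
PENDING_TOKENS = {}   # sha256(token) -> {"kit": kit number, "expires": unix time}
PASSWORD_STORE = {}   # kit number -> "salt$sha256(salt + password)"


def sha256_hex(value: str) -> str:
    return hashlib.sha256(value.encode()).hexdigest()


def issue_set_password_link(kit: str, now: float = None) -> str:
    """Mint a single-use, expiring token and return the link to put in the e-mail."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # unguessable; never stored in clear
    PENDING_TOKENS[sha256_hex(token)] = {"kit": kit, "expires": now + TOKEN_TTL_SECONDS}
    return f"https://example.invalid/set-password?token={token}"  # placeholder host


def confirmation_email(kit: str, link: str) -> str:
    """Order confirmation body: kit number and link only, no password (constructed text)."""
    return (f"Thank you for your order. Your kit number is {kit}.\n"
            f"To choose your password, open this link within 24 hours:\n{link}\n")


def redeem(token: str, new_password: str, now: float = None) -> bool:
    """Consume the token and set the password; False if unknown, expired or reused."""
    now = time.time() if now is None else now
    entry = PENDING_TOKENS.pop(sha256_hex(token), None)  # pop => one use only
    if entry is None or now > entry["expires"]:
        return False
    salt = secrets.token_hex(16)  # per-account salt; the password itself is never stored
    PASSWORD_STORE[entry["kit"]] = salt + "$" + sha256_hex(salt + new_password)
    return True


def verify_password(kit: str, password: str) -> bool:
    """Check a login attempt against the salted hash (no password in clear anywhere)."""
    record = PASSWORD_STORE.get(kit)
    if record is None:
        return False
    salt, digest = record.split("$", 1)
    return secrets.compare_digest(digest, sha256_hex(salt + password))
```

A real deployment would use a purpose-built password hash (bcrypt, scrypt or Argon2) instead of a plain salted SHA-256; the single-use and expiry handling is the part this example is about.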
  • #13
    No, that is not the way it has always been done. The only time this has been done is in situations where the people doing it didn't understand the implications or the risks. I base this statement on twenty-five years working in the industry including computer security related jobs and several years as a hobby before that.


  • #14
    I would leave it how it is now, just add a link to the email so they can change their password if they want to.

    The so-called problem would be solved.

    Originally posted by Rebekah Canada:
        Hi,

        Maybe we will do it like we do GAP sign ups these days. You click on a link to set your PW the first time. I am not sure what we are going with yet though.

        If I were feeling caustic... no... I will not say it.


  • #15
    Originally posted by madman:
        I would leave it how it is now, just add a link to the email so they can change their password if they want to.

        The so-called problem would be solved.

    I agree 100%. A good proposal from madman, to add a link to change the password to one that someone can keep in mind better.