Why can the password be changed without the actual password?
Hello,
I just realized a security issue:
You don't have to enter the actual password when changing it. Can you please fix it?
Thanks and best regards,
Andreas
Asked by Andreas N. on Jan 10, 2013 - 06:25
David Trey
on Jan 10, 2013 - 08:11
Hello Andreas,
Thank you for your report. I will pass this information to our developers.
Best regards,
David
Andreas N. on Mar 02, 2013 - 07:46
The security issues still exists. Will it be fixed soon?
I think this is very important!
Thanks!
Best regards,
Andreas
David Trey
on Mar 02, 2013 - 08:20
Hello Andreas,
We will consider changing it in the future. Right now changing the password requires being logged in and the login process itself is very secure.
Best regards,
David