Linode Forum
Linode Community Forums 		 FAQFAQ    SearchSearch    MembersMembers      Register Register 
 LoginLogin [ Anonymous ] 
Post new topic  Reply to topic

Board index » Linode.com Related Forums » Feature Request/Bug Report
  Previous topic | Next topic 
Author Message
giacomo
PostPosted: Sat Apr 24, 2010 10:59 pm 
Offline

Joined: Sat Apr 24, 2010 10:08 pm
Posts: 1
Location: Mountain View, CA
Not cool to include the forum password in the activation email.

Lo priority, but annoying. Please fix.

Thanks,
Giacomo
Top
   
Reply with quote  
JshWright
 Post subject:
PostPosted: Tue Apr 27, 2010 1:46 pm 
Offline
Senior Member

Joined: Mon Oct 27, 2008 10:24 am
Posts: 173
Website: http://www.worshiproot.com
The forum software isn't a custom Linode creation... Note the "Powered by phpBB" at the bottom.
Top
   
Reply with quote  
AceStar
 Post subject:
PostPosted: Fri Apr 30, 2010 1:57 am 
Offline
Junior Member

Joined: Wed Apr 28, 2010 10:33 pm
Posts: 41
I noticed it too - luckily I don't re-use any super-secret password for an online forum.

Fairly old version of phpBB from the looks of it - maybe a future update would remove it?
Top
   
Reply with quote  
vonskippy
 Post subject:
PostPosted: Fri Apr 30, 2010 2:10 am 
Offline
Senior Member
User avatar

Joined: Sun Dec 27, 2009 11:12 pm
Posts: 1038
Location: Colorado, USA
Since you log into the forum via a regular http connection, what difference does it make?

It is after all, just a community forum account.
Top
   
Reply with quote  
Talman
 Post subject:
PostPosted: Fri Apr 30, 2010 2:13 am 
Offline
Junior Member

Joined: Sun Jan 27, 2008 11:52 pm
Posts: 36
I'm not sure either, I check my mail through IMAPS. I'd be more worried about the fact this is HTTP than my mail client compromising my password.
Top
   
Reply with quote  
drake127
 Post subject:
PostPosted: Fri May 07, 2010 4:13 am 
Offline
Senior Member

Joined: Sat Nov 15, 2008 4:24 pm
Posts: 55
Location: Czech Republic
You can run forum via HTTPS.
Top
   
Reply with quote  
anderiv
 Post subject:
PostPosted: Fri May 07, 2010 10:19 am 
Offline
Senior Member

Joined: Tue Apr 27, 2004 5:10 pm
Posts: 212
drake127 wrote:
You can run forum via HTTPS.

That doesn't change the fact that the password is emailed in cleartext.
Top
   
Reply with quote  
glg
 Post subject:
PostPosted: Fri May 07, 2010 10:59 am 
Offline
Senior Member

Joined: Fri Jan 09, 2009 5:32 pm
Posts: 634
vonskippy wrote:
It is after all, just a community forum account.


Exactly. This is pretty standard for forums. If you made your forum password the same as your linode manager password, then maybe you ought to change one...
Top
   
Reply with quote  
vds
PostPosted: Fri May 07, 2010 12:57 pm 
Offline
Senior Newbie

Joined: Tue Apr 27, 2010 9:57 am
Posts: 8
giacomo wrote:
Not cool to include the forum password in the activation email.

Lo priority, but annoying. Please fix.

Thanks,
Giacomo


/agree

I am using IPB (Invision Power Board). It does not send the password through email.
Top
   
Reply with quote  
Talman
 Post subject:
PostPosted: Sun May 09, 2010 8:42 pm 
Offline
Junior Member

Joined: Sun Jan 27, 2008 11:52 pm
Posts: 36
There's a whole flamewar brewing between phpbb, IPS, SMS, and vBulletin in this thread... :)

I'd say... if it concerns you to the point you want to bring it up to the staff (and not the community), file a ticket.
Top
   
Reply with quote  
rsk
 Post subject:
PostPosted: Mon May 10, 2010 3:07 am 
Offline
Senior Member
User avatar

Joined: Tue Nov 24, 2009 1:59 pm
Posts: 362
Well, there's one thing I personally loathe about phpBB - it marks all posts as read when you log out. Combine that with its tendency to sometimes log me in and back out after filling user credentials... and you have the need to browse through the threads by date, because everything is marked as read. >.<
SMF all the way. Code isn't the best out there, but it's way more comfortable to use, and relatively easy to extend.
Top
   
Reply with quote  
someone
 Post subject:
PostPosted: Mon May 10, 2010 1:13 pm 
Offline
Senior Newbie

Joined: Thu Dec 24, 2009 5:36 pm
Posts: 12
rsk wrote:
Well, there's one thing I personally loathe about phpBB - it marks all posts as read when you log out.

This is only with older versions of phpBB (< 3.0.0). PhpBB3 supports saving information about read/unread posts in database.
Top
   
Reply with quote  
mwaterous
 Post subject:
PostPosted: Mon May 10, 2010 2:40 pm 
Offline
Senior Member
User avatar

Joined: Sun Dec 06, 2009 9:02 pm
Posts: 54
Website: http://mark.watero.us/
Location: Las Vegas
If you'd prefer it's a pretty easy hack to have it email you the MD5 hash instead. In a PGP signed email with your email address encrypted SHA1. It'll never reach you, but then again, it'll never reach anybody else either!

Come to think of it, when I bought my car, the dealer handed me my keys in plain sight... I'm going to have a talk with him.
Top
   
Reply with quote  
Display posts from previous:  Sort by  
Post new topic  Reply to topic

Board index » Linode.com Related Forums » Feature Request/Bug Report


Who is online

Users browsing this forum: No registered users and 0 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
RSS

Powered by phpBB® Forum Software © phpBB Group