0
$ £
pyBlackjackAA
FreerollerFreeroller
Joined: 28 Sep 2015
Posts: 19
Thanks given: 4
Thanks received: 6
14 September 2016 - 11:11am

7Red stores passwords in cleartext?

6 replies • Last post

Hello everyone.

Just a heads up.
When I used the forgot my password function 7red.com sent me the password in clear text.
So as a reminder, use different passwords for your casino sites.

I haven't checked but I would figure they use the same code for all the sites in the group, if that's the case then the following sites are affected as well:
* Nordicslots
* RoyaalCasino
* NorgesSpill

REgards

auCL-Ed
StaffStaff
CL-Ed's picture
Location: Sydney
Joined: 7 Sep 2007
Posts: 6532
Thanks given: 2739
Thanks received: 2078
15 September 2016 - 1:27am
#1

Oh dear that is an elementary security failure. It means that anyone with access to the customer database (either within the casino or from outside via hacking or whatever) could see every customer's password if they wanted to. When we first reviewed them they were running the entire casino website including logins and registration without SSL. We gave them a bad rating and a warning and asked them to fix it and eventually they did. But I am not surprised by this as I get the feeling that their technical people (if they have any) are not very proficient.

Always play it safe! Consult our list of rogue casinos and warnings before depositing.
Every comment you make in our forum earns you CLchips which can be used to buy real prizes in our CLchips shop!

lvblck
True PlayerTrue Player
Location: The North
Joined: 6 Apr 2016
Posts: 821
Thanks given: 77
Thanks received: 204
15 September 2016 - 11:47pm
#2

This is quite bad, definitely agree with CL-Ed that their tech doesn't seem very professional.

bgsharpe
Jackpot ChaserJackpot Chaser
sharpe's picture
Location: Sofia, Bulgaria
Joined: 4 Nov 2014
Posts: 2305
Thanks given: 554
Thanks received: 176
23 September 2016 - 11:16pm
#3

Yes it looks very unprofessional from their side, these days even at non gambling sites when you don't risk any personal information to be revealed is unacceptable for such things to happen but what about when it comes to a gambling site where you store all details about your credit cards, personal information e.t.c., they definitely should fix that.

caactmyname
GamblerGambler
actmyname's picture
Joined: 13 Aug 2016
Posts: 82
Thanks given: 7
Thanks received: 24
25 September 2016 - 8:53pm
#4
blck wrote:

This is quite bad, definitely agree with CL-Ed that their tech doesn't seem very professional.

This is similar to one of my problems with 5Dimes. To withdraw, you need to send them your password and account number via email (which is absurd) unencrypted.

I've never seen any other site do something so unorthodox

bgsharpe
Jackpot ChaserJackpot Chaser
sharpe's picture
Location: Sofia, Bulgaria
Joined: 4 Nov 2014
Posts: 2305
Thanks given: 554
Thanks received: 176
26 September 2016 - 7:22pm
#5
actmyname wrote:

This is similar to one of my problems with 5Dimes. To withdraw, you need to send them your password and account number via email (which is absurd) unencrypted.

I've never seen any other site do something so unorthodox

Yes it really sounds like an absurd, never happened to me though, really strange asking from their side but I guess you don't have a choice when it comes to withdrawing money.

krcoolsongss
Gold PlayerGold Player
Joined: 2 Dec 2014
Posts: 706
Thanks given: 487
Thanks received: 346
10 October 2016 - 9:06am
#6

Oh, I see. Actually, I can't sign up in these casinos, due to jurisdiction issue.
the casinos were rated quite good in the other forums.

But, it would be better to choose other casino because of this technical issue.

Good Luck.

Post new comment

Have something to say? Agree or disagree? Tell us what you think!

Login using your social network account
Or log in with a Casino Listings account

Login or register to post comments

Registering for an account takes less than a minute and you will be brought right back here to comment afterwards.

Share this