Ferru123 wrote:I bet the characters aren't randomly organised when you log into your bank account, though.
All this security at the users' end is not going to help if the problem is in fact a result of Betfair's own lack of security:
We can change our passwords daily, and all of the above will still be an issue. I think the fact that Betfair's site doesn't work via HTTPS is enough proof that they don't take security seriously enough. I believe that there's quite a strong possibly that it is not any fault of the OP that this money has been taken.
- Betfair's login system works on bare-bones HTTP, so your username and password could be intercepted anywhere from your PC to Betfair's servers. This includes unscrupulous employees at any ISP. You can try to force a HTTPS connection (by prepending the URL with https://), but this seems to break Betfair's site, and it also has a convenient habit of switching back to standard HTTP whenever it gets the chance.
- Are users' passwords being sent in plain text across Betfair's network, so that an unscrupulous employee could sniff them out?
- Are Betfair encrypting their database passwords? If not, anyone with access to the database will be able to view all users' credentials.
andyfuller wrote:Didn't realise that people could view your screen remotely (bar on things like skype etc) and that it was much of a problem even if they could?
andyfuller wrote:I think any security should be opt out rather than opt in tbh.
Users browsing this forum: No registered users and 1 guest