Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


2442 posts

Uber Geek
+1 received by user: 720

Trusted
Lifetime subscriber

Topic # 191752 15-Feb-2016 12:20
Send private message

Hi Team (not sure if this is the best forum)

 

Had this email arrive from TreatMe this morning.  They used to be owned by TradeMe but I heard only this morning that they were spun off over a year ago.

 

https://cdn.geekzone.co.nz/imagessubs/blogfb32afcdf7c3c9ac24063c8009dd918d.jpg (the bottom half of the email is not important)

 

It looked dodgy to me for the following reasons:

 

  • password reset was unsolicited
  • password was in clear text in the email
  • The links in the message went to the domain email.ouffer.com 

An email to help@ recieved a response within 3 hours advising the email was legitimate, with a Customer Support Agent advising "We have just recently done some updates to our site and a password re set has been sent out to all customers.  Apologies for any confusion or inconvenience that this has caused for you!"

 

Not terribly impressed.

 

I can see they have updated the styling of the emails and the web site, but still, I think this could have been handled better.

 

Or am I being too picky?





"4 wheels move the body.  2 wheels move the soul."

“Don't believe anything you read on the net. Except this. Well, including this, I suppose.” Douglas Adams

Create new topic
3365 posts

Uber Geek
+1 received by user: 1841

Trusted
Lifetime subscriber

  Reply # 1492570 15-Feb-2016 12:43
One person supports this post
Send private message

I'm so glad my TreatMe password is a very long gibberish lastpass generated one.

 

Site's that store the passwords in a decryptable form like that deserve to be hung drawn and quartered.

 

 

 

 





Information wants to be free. The Net interprets censorship as damage and routes around it.




2442 posts

Uber Geek
+1 received by user: 720

Trusted
Lifetime subscriber

  Reply # 1492574 15-Feb-2016 12:47
One person supports this post
Send private message

Fair comment.  In this case (to clarify) they generated a new password and emailed it through.  Hopefully they do not store it reversibly, but you never know.





"4 wheels move the body.  2 wheels move the soul."

“Don't believe anything you read on the net. Except this. Well, including this, I suppose.” Douglas Adams

3365 posts

Uber Geek
+1 received by user: 1841

Trusted
Lifetime subscriber

  Reply # 1492625 15-Feb-2016 13:42
One person supports this post
Send private message

Dynamic:

 

Fair comment.  In this case (to clarify) they generated a new password and emailed it through.  Hopefully they do not store it reversibly, but you never know.

 

 

While not quite as bad, that's still not great. I'd rather they generated a single use, expiring link to a web page where I can set a new password of my choosing. Which would be long and generated by lastpass :-P





Information wants to be free. The Net interprets censorship as damage and routes around it.


Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.