Hey, just wanted to give people a little headsup about something I found while mucking about in the games config files.
In the game.prefs file (Typically found in /My Documents/My Games/Gas Powered Games/Demigod/game.prefs) your impulse password is stored in plaintext if you've ticked the remember me box while logging in. This means its easily accessible to trojans and viruses and what have you. Perhaps the game devs should ask themselves that question that all computer network guys ask themselves everyday when designing systems, "What about security?"
Yes yes, Frogboy said they've talked to GPG about removing it from the game prefs.
We've reported this to GPG and asked them to change how this is stored.
I vote for decapitation for that. As an IT guy i take such stuff with high level of paranoia.
Haha, that's so silly.
Actually, it's almost programming 101: never store an unencrypted password. They probably planned to remove it, but somehow forgot to actually do it...
Must admit don't really know what im talking about, know nothing about hacking, but surely it would have been better to email privately about this serious flaw, rather than posting it for the world to see ?
Computer Security 101: Shit gets fixed faster if you make it public.
This.
Edit:
And also, if you untick the remember me box it shouldn't be stored (I guess, havn't checked). So it's informative to how to avoid the issue as well.
Oh wow thanks for the heads up I just unselected my box.
There are many great features available to you once you register, including:
Sign in or Create Account
