So I emailed Noble Poker customer support telling them that I view this a major security issue (click here for the full story). Noble’s response was that this really isn’t an issue at all. According to Noble, “we would like to inform you that once your account was set in the ‘auto login’ anyone can login and play using your account. For your security we advised that you disabled the auto login option. In order to do this, once your online just click on ‘my accoun’” Of course, they forget to mention that auto login is the default setting.
I responded back to them and included a screen shot of my registry showing that despite having the “auto login” unchecked, my information was still stored in plain text in the registry.
I received another response from Noble stating “player’s usernames and passwords are really stored in the registry, this is the way our software is designed. However, since the password is saved in an encrypted way we cannot really consider it a serious security issue.”
So, it appears that Noble Poker has no intention of correcting this problem. They don’t even seem to understand it as this last email is trying to convince me that the information is stored in an encrypted format but as the photo indicates, that is simply not the case.
If you play at any of the rooms listed in this post you should email their support and tell them you find this to be unacceptable. All that needs to happen is some virus gets out there that steals your login and password and emails it back to someone who rips off your entire bankroll.
Related posts:
- Unsafe Poker Rooms Get an Upgrade I haven’t really checked back recently since writing my posts...
- Unsafe Poker Rooms Here’s an idea that Paul at UK Gambling Forums suggested;...
- Poker Rooms and Encryption The UK and Ireland Poker Blog has an interesting bit...
- Sometimes Life Sucks – DuggleBogey and Full Tilt For those of you who may have missed it, fellow...
- Passwords and PINs Since I went to the trouble of spouting my big...
Hi, my name is Bill Rini and this is my poker blog. I've been blogging about poker and the poker industry since around 2003-ish. Like most people I started out playing poker as entertainment in home games whenever we wanted to sit around and smoke cigars, drink beer, and eat pizza, and needed a good excuse. I started playing online shortly after the first online card rooms opened and it wasn't long before I was playing 20, 30, or even 40 hours a week or more. One day I received a phone call about a program manager position at Tiltware which was the company that consulted to Full Tilt Poker on software development and marketing. After Tiltware I spent about 2.5 years working at Party Poker where I was the poker room manager.
{ 4 comments… read them below or add one }
The names of those sites alone remind me of virus/spyware. Are the bonuses the only reason someone would play there?
Isnt that just like some big name corperation.
“Well sir we dont really see it as such a big problem since it is not our money. You see we will get a chunk of it no matter who is playing your accout so we dont care.”
There has to be someone that you can complain to. The best thing you could probably do to get herd is to submit a press release telling the people what is going on and ask them not to play there.
Terry Brazil
http://holdempokernews.blogspot.com/
Hey Bill - I left you a comment on Flickr too about this!
How about you get in touch with Playtech direct instead of Noble. The thing with Noble is that they use Playtech’s software. You get this fixed for Noble it will be the same for ALL operators of the system. Cheers! I am going to add you as a contact on flickr now :)
Best wishes,
Carlo
I got this response from Noble’s support team
This was the advice from our Technical Team:
Only what needs to be encrypted is password currently there is indeed problem with fun passwords they are not encrypted, but real money passwords are encrypted as needed. Most probably during next week also the fun player passwords will be encrypted. Please accept our apologies for any inconveniences caused.
Should you have any questions or concerns, please do not hesitate to contact the Noble Poker Support Team.