So I emailed Noble Poker customer support telling them that I view this a major security issue (click here for the full story). Noble’s response was that this really isn’t an issue at all. According to Noble, “we would like to inform you that once your account was set in the ‘auto login’ anyone can login and play using your account. For your security we advised that you disabled the auto login option. In order to do this, once your online just click on ‘my accoun'” Of course, they forget to mention that auto login is the default setting.
I responded back to them and included a screen shot of my registry showing that despite having the “auto login” unchecked, my information was still stored in plain text in the registry.
I received another response from Noble stating “player’s usernames and passwords are really stored in the registry, this is the way our software is designed. However, since the password is saved in an encrypted way we cannot really consider it a serious security issue.”
So, it appears that Noble Poker has no intention of correcting this problem. They don’t even seem to understand it as this last email is trying to convince me that the information is stored in an encrypted format but as the photo indicates, that is simply not the case.
If you play at any of the rooms listed in this post you should email their support and tell them you find this to be unacceptable. All that needs to happen is some virus gets out there that steals your login and password and emails it back to someone who rips off your entire bankroll.