Page 1 of 1

Warning about SWTOR Launcher password security.

Posted: January 26th, 2012, 3:17 am
by reflax
While I am sure some people use authentication, this is for those who don't.

After you type your password in the launcher and before you click play your username and password is stored in plain text.

This is obviously bad because if any hacks you download are setup to monitor for "Launcher.exe" they can very easily read the memory for your account details without triggering any virus alerts since its not installing global hooks to monitor keyboard input.

Posted: January 26th, 2012, 7:00 am
by reflax
This also now extends to the security of your account. Anytime anybody has your password and pin and they can login at least once, they can login to your account anytime in the future even if you change your password or have an authenticator.

Re:

Posted: January 26th, 2012, 12:23 pm
by cuervogold
reflax wrote:This also now extends to the security of your account. Anytime anybody has your password and pin and they can login at least once, they can login to your account anytime in the future even if you change your password or have an authenticator.
Thanks for the heads up on this one!!

I'm still really confused why they coded it this way.