Ribble Security

[AndyJ14]

A quick warning to anyone thinking of signing up for a Ribble Account. DO NOT use security details that you use elsewhere. Ribbles policy is to email your full sign-up details to you (User_Id and Password) via email as part of the user creation process.

For those not aware, email is totally unencrypted and very unsecure. If these details fall into the wrong hands then they will be used to automatically test them against hundreds of other sites.

Please beware.

I did write to Ribble, but had no reply.

 

[raleighnut]

Send em an email.

 

[John the Monkey]

You could use Keepass (or something similar) and generate a unique password for every account.

 

[mjr]

You could use Keepass (or something similar) and generate a unique password for every account.

Good advice. It is very risky to use the same details in multiple places.

What really bugs me is banks that use trivially discoverable info like date of birth or place of birth as part of security info. Very silly theatre.

 

[AndyJ14]

What really bugs me is banks that use trivially discoverable info like date of birth or place of birth as part of security info. Very silly theatre.

Yeah, that annoys me too. If you are the kind of person using Keepass then this warning is not meant for you, but the majority of people out there do duplicate passwords and don't realise how dangerous it is. When you give your details to a company like Ribble you are trusting them with this very important and sensitive information. They should treat it with the respect it deserves.