Forums » Suggestions
HTTPS?
Just did the free new account sign up. I'm thinking someone should have thrown down for a versign cert. TBH I don't think I'll be trusting this company with my credit card if this is what passes for security.
https://www.vendetta-online.com/x/paymethod?
Thats the page for billing options, notice the https?
Thats the page for billing options, notice the https?
I see https when I click the Credit Card button.
Looks like a secure site to me...
https://www.vendetta-online.com/x/paymethod (too bad it isn't clicky)
https://www.vendetta-online.com/x/paymethod (too bad it isn't clicky)
Yeah. We do use https. We aren't using it for account creation, logins, and account info, though, and we probably should. I'll fix that tomorrow; you have a point.
Reread my post and I'm coming off like an ahole, sorry about that.
My point is username and account password are on the free sign-up. What happens if this game takes off and we get the ebayers?
Also birthday + full name is a real problem; I mean that is a possible security question to prevent id theft.
Also nice response to my thread a1k0n. You didn’t stoop to my level, you acknowledged a problem and said it would be fixed. I’m really and freaking impressed.
My point is username and account password are on the free sign-up. What happens if this game takes off and we get the ebayers?
Also birthday + full name is a real problem; I mean that is a possible security question to prevent id theft.
Also nice response to my thread a1k0n. You didn’t stoop to my level, you acknowledged a problem and said it would be fixed. I’m really and freaking impressed.
It just says "Name". Really, it doesn't have to be your full name. It's just what you want us to call you if we need to contact you. Your billing info is kept completely separate, and is never shown to anybody on the website (except for the last four digits of your CC#, which is shown in a page which isn't https now but will be when I'm done today).
The city and state have been misconstrued as us asking for your address.. really, we just want to know where you're from, roughly. Because it's interesting, and it lets us know where, geographically, our userbase is and where it might be most beneficial to add servers.
The birthday thing could really just be replaced by an optional "age" question and a non-optional "I am over 13" question, because that is a concern due to some relatively recent Internet privacy laws. I'm talking to John about this now, because I am fuzzy on the relevant under-13 law.
The city and state have been misconstrued as us asking for your address.. really, we just want to know where you're from, roughly. Because it's interesting, and it lets us know where, geographically, our userbase is and where it might be most beneficial to add servers.
The birthday thing could really just be replaced by an optional "age" question and a non-optional "I am over 13" question, because that is a concern due to some relatively recent Internet privacy laws. I'm talking to John about this now, because I am fuzzy on the relevant under-13 law.
a1k0n, you might want to take a look here: http://www.ftc.gov/bcp/conline/pubs/buspubs/coppa.htm