encryption and website security

Peep · 04-01-09, 09:07 PM

Most books when you call up CS ask for your password.

24-7bookie · 04-01-09, 09:11 PM

very very good points but here is the problem

when u call in a wager, the only verification for a clerk that it is you, is by you providing your password, so it has to be visible to to employees on the back end . i agree there should be a solution to this, but these software companies that the books use are not very good at staying on the cutting edge of things. they seem to do the minimum to maintain their clients and get by.

Originally posted by BouncedCheck

I recently attempted to change my password at 5dimes, but I couldn't find any menu options to perform this task. I contacted their live chat customer service, and they said I'd have to send them an e-mail with my ID and current password along with my desired new password, and it would have be changed manually on their end. I've also asked them multiple times about ID requirements for withdrawals, and they've consistently told me they only require ID for a withdrawal if there's a discrepancy in the registered street address or some other problem with the account. So basically, they require ID to change an account password, but not to send thousands of dollars across borders. This seems a little strange to me, but what really raises a flag in my mind is that most sportsbooks do not use encryption. What's the point of making it so difficult to change a password when the sites themselves aren't secure? Am I the only one who thinks this is a problem?

I know with forums such as this, and with most online e-mail services, and virtually all online financial institutions, a user's password is not accessible to the site owner. The site administrator can reset someone's password, but not access it. The 5dimes policy is bothersome to me, and I remember several weeks ago, Richard from BetPhoenix posted in a public thread that a SBR forum user (ucbearcats) used part of his SBR screen name in his BetPhoenix password. Seriously, what the hell is going on here? When a book has access to a user's password, it's clearly a breach of security.

I've generally used the same password on the vast majority of my online accounts, but since I've started using that password on my gambling accounts, I've changed all my other passwords (e-mail, online banking, credit cards, discussion forums, etc.) for better security.

BouncedCheck · 04-01-09, 11:47 PM

I don't phone in bets. There should be one highly secure password for signing in on the website and a different password used exclusively for phone bets. The more serious problem is the lack of encryption.

magnavox · 04-02-09, 08:53 AM

More serious problem is with you, using same passwords for most of the sites.

Justin7 · 04-02-09, 09:09 AM

It's easy to use the same password at all books. Don't do it.

If there's money involved, you need a separate password for each account.

Fizzz · 04-02-09, 01:03 PM

Originally posted by BouncedCheck

I don't phone in bets. There should be one highly secure password for signing in on the website and a different password used exclusively for phone bets. The more serious problem is the lack of encryption.

That is called a phone password and that is offered at some books such as the CRIS's books.
On security and privacy, you should ask the book what kind of encryption they use... SSL or the bits they use as encryption. 128 usually does the trick
We only require ID once the customer does not remember some of his personal information provided at signup. ID is not required to change the password upfront, only in this case.
I do support the idea of having to contact customer service to change the password... since it is the customer that has to confirm everything from the full name and password, to the zip code or fax provided at signup.