Passwords

**lonnie55** · 06-17-18, 12:09 PM

A+ rated lol

**lonnie55** · 06-17-18, 12:13 PM

Originally posted by TourLooper

they could easily steal someone's money into a bitcoin account. Yet the books seem so nonchalant about that policy.

Exactly this is the idea behind PINs or security questions

No idea how they legitimate asking for the log-in password

**lonnie55** · 06-17-18, 12:25 PM

But good to know Heritage's and Youwager's employees (or even a third party CS agency?) have access to all their customers' passwords in clear text

**TourLooper** · 06-17-18, 12:43 PM

Yeah I'm not overly concerned about it because I've been gambling online for over a decade and never had an issue and I've never seen any complaints in all the forums I've read through. It just crossed my mind when I was asked for my pw that this guy is probably making $5 an hour and has access to my account with 10k in it and probably other accounts with 100k+. It would be quite easy for him to take that info and make a withdraw into a bitcoin account and nobody would know who did it..

**InsiderHer** · 06-17-18, 02:17 PM

Tour and Lonnie, I'm sure you understand there's a log for every access point in the software, even more, most calls are recorded and the deceit would have to include someone in the processing/accounting department. Not saying issues don't arise, but the sportsbook would be responsible for this type of egregious action taken by not one, but two of its employees. But, like you said, you've been betting offshore for over a decade without incident. Pretty much answers your question. BTW, whats the difference between a code and a password, they both need to be stored in the CRM to ensure you are who you say you are. I think its reassuring, but in the end, if this is important to anyone, you should only wager on a devise like your phone. I mean, hell, it's 2018

**lonnie55** · 06-17-18, 03:18 PM

Originally posted by InsiderHer

Tour and Lonnie, I'm sure you understand there's a log for every access point in the software, even more, most calls are recorded and the deceit would have to include someone in the processing/accounting department. Not saying issues don't arise, but the sportsbook would be responsible for this type of egregious action taken by not one, but two of its employees. But, like you said, you've been betting offshore for over a decade without incident. Pretty much answers your question. BTW, whats the difference between a code and a password, they both need to be stored in the CRM to ensure you are who you say you are. I think its reassuring, but in the end, if this is important to anyone, you should only wager on a devise like your phone. I mean, hell, it's 2018

That there was no incident yet means there will never be one?

the sportsbook would be responsible for this type of egregious action

Lol sure. Try to sue an unregulated offshore book.

BTW, whats the difference between a code and a password

Passwords should never be stored in clear text on the company's servers. The only one who should have access is the customer himself. A PIN or security question is only for verification purpose in conversations and cannot be used for log-in.

**TourLooper** · 06-17-18, 04:40 PM

Don't need two employees. The cs agent can remember an account # and password and send the info to an accomplice in another country who then can log in and make a withdraw to a bitcoin account. I'm not saying it's easy to get away with because the login would show a different city than the home of the customer and might raise a red flag with whoever approves the payouts. But I was recently on a cruise in the middle of the Caribbean making deposits and withdraws and everything was approved in normal fashion. I'm just wondering what safeguards are in place to prevent such a thing from happening.

**bearjew** · 06-19-18, 11:52 PM

A lot of these posts crack me up. When they open up your account, employees can see all of your info (pass, balance, history). Of course they need to confirm acc ownership and therefore will ask for the password (which only you should know). Actually most books have very strict security policies, if you log in with as much as a different IP. That alone will raise a flag and will want to know why or who is using your account. Rarely any place will payout to 3rd party, maybe only P2P but after you authorize it. So lets saaaaaay that an employee happens to mess around with your account. The book can tell in a matter of a second that the plays were not done from your phone/computer and will refund your $

leave the paranoia at the door.

**sNoWmAn2169** · 06-20-18, 12:40 AM

I agree. Any place which requires a password will allow their employees to see information like that, banks etc. Customer service needs access to accounts, simple as that. I was paranoid at first, but then decided to just be smart about it and make up unique passwords for each book.

**jjgold** · 06-20-18, 05:48 AM

Originally posted by sNoWmAn2169

I agree. Any place which requires a password will allow their employees to see information like that, banks etc. Customer service needs access to accounts, simple as that. I was paranoid at first, but then decided to just be smart about it and make up unique passwords for each book.

exactly

**lonnie55** · 06-20-18, 06:58 AM

pretty naive attitude by some guys in this thread

**Miz** · 06-20-18, 10:53 PM

It has happened. A long time ago, I remember reading about it. it really hurt a few solid books reputation. I don't want to call them out as they fixed those issues and made everyone whole again. But I recall two books specifically where player was hacked by employees