Author Topic: ArbiterSports Security Issue (Read 3702 times)

bossman72 · « **on:** May 25, 2016, 12:44:11 PM »

All,

Please make sure your ArbiterSports password is different from all other passwords you use (especially RefPay). Arbiter stores their passwords in plain text on their server. I've let them know about this security vulnerability several times but they have not corrected the issue.

The reason I can tell they haven't corrected it is because I got invited to a new Arbiter assigning account, and my password is right there in the email.

So, please keep your password different on Arbiter than you use on other sites.

HLinNC · « **Reply #1 on:** May 26, 2016, 01:00:00 PM »

Wow, whos their IT consultant, Hillary Clinton?

bossman72 · « **Reply #2 on:** June 23, 2016, 03:00:57 PM »

Looks like Arbiter fixed the problem. Bravo, Arbiter!

https://arbitersports.zendesk.com/hc/en-us/articles/221361107

mishatx · « **Reply #3 on:** June 27, 2016, 04:58:24 PM »

A few years ago when an association I was in switched from another site to Arbiter, I got the welcome email with the plain text password - which matched the password I set on the old site. So now it was clearly stored as plaintext in two places.

Author Topic: ArbiterSports Security Issue (Read 3702 times)

bossman72

ArbiterSports Security Issue

HLinNC

Re: ArbiterSports Security Issue

bossman72

Re: ArbiterSports Security Issue

mishatx

Re: ArbiterSports Security Issue