Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

RPG Database has MAJOR FLAW


Recommended Posts

The RPG Database has MAJOR FLAW... Password are out in the open simply by viewing the PWDATABASE.DB. At a minimum it SHOULD NOT be named as such. It should be name something like what the RPG spits out for 64 character PW, algorythemically calculated off the PW you enter to access the PROGRAM, as well as have NO EXTENSION (especially not .DB) and be hidden somewhere RANDOMLY within the SYSTEMS PATH, not located in same folder as the program. ALSO THE PASSWORD FILE SHOULD BE ENCRYPTED, OTHERWISE YOU MIGHT AS WELL JUST STORE ALL OUR PASSWORDS ON FACEBOOK....:wink:

 

This just a PROFESSIONAL's opinion, yours may vary (& BE WRONG):twisted:

Link to comment
Share on other sites

  • 2 weeks later...
  • 2 weeks later...

I agree that the contents (the database) should be encrypted; an apparant flaw in the program. The actual name of the extension of DB is not necessarily a problem - should the user need to find it - and the database itself is encrypted.

 

If encrypted, although it could be renamed - not a bad idea - the new name for the database file needs to be consistent so that it can be found by the user upon problems being developed and tech support. If it was randomly placed on the drive in a random directory it would become a nightmare to repair.

 

The Encryption system would need to be consistent from machine to machine for simple reasons.

 

The program itself should be encrypted with a password, besides the database being encrypted. Should a user lose their password for the system, a PUBLISHED backdoor into the system would not be a good idea. It should be a double blind method to access should a password for the program be lost.

 

Just a personal observation.

 

PROBLEM: I would be curious to find out if the product is being updated officially or just by the public as an OPEN SOURCE product.

 

NEW SUGGESTION: A method needs to be created to easily access across network systems & a method to backup the database remotely for restoration in the case of corruption.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...