PSA. Don’t share your password in your app’s launch notes • Graham Cluley


PSA. Don't share your password in your app's release notes

Excited to observe the Guardians of the Galaxy Vol 3 on the cinema, or see what all of the fuss is round The Tremendous Mario Bros Film?

Perhaps you’ll leap onto your smartphone, and click on on the MyOdeon app to search out out what movies are enjoying at your native flicks.

Oh! The OdeonUK app has simply been up to date… I’m wondering what new options it has?

Myodeon release notes
Launch notes for up to date model of MyOdeon app.

What’s New
Model 5.09.500

Up to date textual content
Added Delete operate to the app Click on on menu> then click on on my profile> click on on replace your particulars > Delete account> you get a delete warning > then click on sure
To check delete operate please use this login account and delete
E mail: [email protected]
Password: Odeon1234!

Err… that appears awfully just like the credentials for a take a look at account, and – if I’m not very a lot mistaken – “Odeon1234!” is a extremely very dumb password certainly.

My guess is that this username and password combo was supposed to stay personal, and solely utilized by Odeon’s inside technical workers – reasonably than shared with lots of of 1000’s of film buffs.

EmailSignal as much as our publication
Safety information, recommendation, and suggestions.

Hopefully there’s no critical hurt carried out by this, however all app builders ought to take care about what they publish of their launch notes – simply in case it by accident leaks any useful info to ne’er-do-wells.

Discovered this text fascinating? Comply with Graham Cluley on Twitter or Mastodon to learn extra of the unique content material we publish.


Graham Cluley is a veteran of the anti-virus trade having labored for quite a lot of safety corporations for the reason that early Nineties when he wrote the primary ever model of Dr Solomon’s Anti-Virus Toolkit for Home windows. Now an impartial safety analyst, he often makes media appearances and is an worldwide public speaker on the subject of laptop safety, hackers, and on-line privateness.
Comply with him on Twitter at @gcluley, on Mastodon at @[email protected], or drop him an e-mail.



Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles