First, somebody would have to get access to the actual cookies of a personWhy post the proccess tho, now people can use it to rob the accounts ;-;
you should had just sent it in a PM to mods...
First, somebody would have to get access to the actual cookies of a personWhy post the proccess tho, now people can use it to rob the accounts ;-;
you should had just sent it in a PM to mods...
It's not really that hard, phishing. I once made a phishing site just to test it out. It was using Minecraft's website. I literally just downloaded the site and uploaded it to a server, then changed the login function to just print the data to a file. lol. It was easy. I took it down shortly after, but apparently someone found it and tried to login. lmao.Lol you think its "easy"
this.I highly doubt Temp is vulnerable to SQL injection. Phising could also be used to get a password directly, there's no reason people would go out of the way to get the cookie instead.
Also, basically what @UniqueGeek said. There's no easy way around this because of how cookies work.
True true, totally forgot about that lol sorry.First, somebody would have to get access to the actual cookies of a person
Hell, I only use 2FA for Steam (cuz trades and market and all) and for the bank-related stuff. GBATemp is important, but I'm not important enough that anyone will bother hijacking my account just to piss me off soooo yaStill, it is more secure than just letting people play with your account
I was talking more about SQLi, Phishing is easy but also easy to spot.It's not really that hard, phishing. I once made a phishing site just to test it out. It was using Minecraft's website. I literally just downloaded the site and uploaded it to a server, then changed the login function to just print the data to a file. lol. It was easy. I took it down shortly after, but apparently someone found it and tried to login. lmao.
PMs ( ͡° ͜ʖ ͡°)What would people want to do with someone's GBAtemp account anyway? I mean there's really nothing they would be able to get out of it.
Maybe destroy their reputation? Get them banned? Idk. I just felt like this needed to be pointed out.What would people want to do with someone's GBAtemp account anyway? I mean there's really nothing they would be able to get out of it.
gotta get them users banned by posting on their behalfWhat would people want to do with someone's GBAtemp account anyway? I mean there's really nothing they would be able to get out of it.
It should be common knowledge how cookies work.Maybe destroy their reputation? Get them banned? Idk. I just felt like this needed to be pointed out.
If you get someones cookies you can actually log into their accountexploit
Can be used on almost every site with almost no results but you logging into your own account
And how would you get somebody';s cookies? If it is as simple as running a script or a chrome extention, sure that might be a problem. But it isn't a prblem when you have to be on the network or have to know the email. It's kinda a non-problem at that point.If you get someone's cookies you can actually log into their account
I dare you. Say your password here.What would people want to do with someone's GBAtemp account anyway? I mean there's really nothing they would be able to get out of it.
As much as I love GBAtemp, I'd rather be hacked than give out my phone number. After hearing the rash of account bans on PSN, I added 2FA to my PS4, and suddenly I'm getting all sorts of weird spam calls. I only call three people on my phone, so it's weird that out of the blue, my number seems to be so find-able. I don't trust that sort of thing.Two Factor Authentication? That could be implemented, I assume, but that can be annoying.