TracFone Data Security

  • Contributor

    A relative of mine said she couldn't get into her TracFone (cell phone company) online site, so I went online and tried to request a password reset. It took a while but I found something that looked close and clicked it.

    Ding! I checked her email, and this is what I received in her email folder:

    Seriously? They are storing the passwords clear text and sending them to unknown email servers and clients across the country in clear text? I guess it's true, given that the emailed password worked for the login.

    If you aren't aware, anyone that was on that wifi network, or in a data center could have picked off that email with a title of "Your Password" and got her password. Now that's not really that important for TracFone, but what if you use that password for your bank, or a credit card? It's really bad news.

    The other problem is that if there is a security breach (I mean, clear text passwords in the user database means they have complete idiots doing the programming and IT work), they would have access to your email address, and your password.

    My advice:

    If you have a TracFone, leave the same password there and change it on all other sites. TracFone is not secure and is awaiting a disaster. You might want to sell this one.



  • Contributor

    Now we know where all the 'top talent' developers work...

  • Contributor

    @shitshitshit Well, the point is that anyone who can hack into their database of users will get your email address, phone number, and password. The language spoken at their company is irrelevant.

    Most databases store a "hash" of your password instead of your actual password. It's a one-way encryption process that you can't reverse to get the actual password. That is why places have the "reset password" procedure where they send you a crazy temporary password, then you set a new one. That's safer.

    TracFone is very unsafe, and very 1990's.

  • Contributor

    @woodman but but Mexicans don't know how to read, therefore I'm secure, right?

Log in to reply