0
Under review

My friend created a new account with his personal email and password; he somehow logged in as me on account creation

jsmar89 2 years ago in Website • updated by SA Admin Jonathan Liss 3 months ago 7

Wtf?! He he even sent me a screenshot of being logged in as me on his computer.


Fortunately, he is my friend let me know immediately. My login info for SA is also different than non SA accounts.


This is the only time I've ever heard of this happening since I joined SA as a member five years ago.


Please fix root cause ASAP and lmk what is, or I will delete my account within 24 hours.


We both work for the same company. None of his login info resembles mine in any way, shape, or form.

Under review

Hi,


Did your friend click on an email sent to you from Seeking Alpha? Our emails employ personalized  auto-login. They state: "Please do not forward this email. It allows direct access to your Seeking Alpha Portfolio."

+1

Could we change this though? This is highly unsecure to pass my Auth ID in the email. I often forward newletters to friends and family when I read something interesting, they shouldn't be able to login my account by clicking on "To View Online:".


Would you be able to use cookies for authentication? This would allow users to be logged in their account if cookies are available but no one else would be able to access my account if I forward them an e-mail for example. What do you think?

Hi,

IWe do protect sensitive parts of your account when auto-logging users in from emails. That said, if you'd like to disable auto-login from emails and prevent, you should go to your User Settings and disable Email Auto-login:

He has received a forward from me in the past, He did not click on any email from me within one week of creating a new account on SA.com.


Even with the disclaimer, this should not happen given the above details.


Should I delete and re-open a new SA account for myself?

If I delete the current SA account and open a new SA account with the same gmail, will this still happen?

I don't see an option to delete my SA account.

It is difficult to determine exactly what happened without the user-id that your friend created but the way the system works it is likely that he clicked on an email from you, at some point, and he has been logged in as you for a while.   He could be logged in as you on multiple devices.   I see your account logged in to a mac, a windows machine an iPhone and an android device in the past couple of weeks.  At this point, your friend should log out of your account on any device he has and log in on his own account.  In the future, please utilize the sharing options inside the web site or mobile app to send articles.  

Will do. Thanks.


Please still answer the question below:


If I delete the current SA account and open a new SA account with the same gmail, will this still happen?

I don't see an option to delete my SA account.