My friend created a new account with his personal email and password; he somehow logged in as me on account creation
Wtf?! He he even sent me a screenshot of being logged in as me on his computer.
Fortunately, he is my friend let me know immediately. My login info for SA is also different than non SA accounts.
This is the only time I've ever heard of this happening since I joined SA as a member five years ago.
Please fix root cause ASAP and lmk what is, or I will delete my account within 24 hours.
We both work for the same company. None of his login info resembles mine in any way, shape, or form.
Could we change this though? This is highly unsecure to pass my Auth ID in the email. I often forward newletters to friends and family when I read something interesting, they shouldn't be able to login my account by clicking on "To View Online:".
Would you be able to use cookies for authentication? This would allow users to be logged in their account if cookies are available but no one else would be able to access my account if I forward them an e-mail for example. What do you think?
Hi,
IWe do protect sensitive parts of your account when auto-logging users in from emails. That said, if you'd like to disable auto-login from emails and prevent, you should go to your User Settings and disable Email Auto-login: