Skip to content

Malaysiakini’s user passwords can be viewed and legible

March 17, 2009

i am highlighting this matter here as i believe this policy of Malaysiakini necessarily puts its subscribers at risk should the User IDs and passwords fall into the wrong hands.

i know one SHOULD NEVER use the same password for any other online or offline service that requires one but i can bet my bottom dollar that many would not be abiding by this rule. i can understand when one repeats using his or her password for other services one subscribes to because otherwise one would be left confounded keeping track of numerous IDs and passwords. It would be safe to state that if one is an ‘online’ person one would have numerous accounts and the question would be “Do you have unique IDs and passwords for every single account?” If you do, my hat off to you. If you don’t, then perhaps you should review your ID and password used, consider the risk involved, then do the necessary. Malaysiakini may not be the only online service that has this flaw.

First thing first, if you are guilty on this rule, my advice is that you go change your password in Malaysiakini now, as a precaution.

Having said that i must add that i have complete respect for Malaysiakini’s people and have full confidence that they would not abuse the flaw. But, you know syit happens. Especially if it involves the powers-that-be in this land and should they have their hands on the system – voila!

i have no intention whatsoever to cast Malaysiakini in a bad light nor frighten whoever is reading this entry but i believe precaution is better than being sorry, hence my public duty.

i found out about this flaw in Malaysiakini’s system recently when i was speaking to a customer service personnel over the phone with regard to my subscription which has expired. It would be unfair of me to keep quiet about this discovery.

Please pass this information on. Thank you.

From → Malaysia Upclose

  1. oneworldmaybenot permalink

    Dont be so paranoid lah

  2. rimau malaya permalink

    Well, Eric is right. But I am one of those cavalier ones…many have been burned.

  3. Good point raised here as to unique ID and password for all our accounts.

    Also be careful while out surfing at cafes- if you log on into a system please ensure your ID and PW is not auto saved up.

    Great post, Eric.

  4. Privacy and internet security awareness among the public is still low. Good that you highlighted this.

  5. Good reminder! Thanks.

    I use a couple of passwords and change them often.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: