5. SERIOUS PRIVACY ISSUE!

SERIOUS PRIVACY ISSUE!

  • Twisted Gypsies

    @idetached Yes I realize that. Some people do not use that option. I'm glad you do! I misunderstood what you'd written which was: @FunkyJunkyGypsy@littlefeather114 ... I also don't use social media to log into this site. I do email.
    So that's what concerned me. Glad you're good!☺

    0
  • Twisted Gypsies

    @admin
    My password is not visible to me either, but I can easily, if connected to UrStyle via Facebook, click right in to Facebook -- and so can anyone who happens to be given access to my account due to UrStyle sessions being "mixed". Unscrupulous UrStyle Users can easily gain access to private information within our UrStyle account IF they find themselves logged into it. Perhaps there's an e-mail address one wishes to remain private. But that isn't the security issue I’m concerned with.

    1. Someone who’s been pushed through UrStyle’s wormhole, finding themselves in another User’s UrStyle account, can easily pop on to the Valid User's Facebook Account IF the Valid User logs into UrStyle via Facebook. Yes. By being logged in to a UrStyle account that is not theirs, a person is also logged in to a corresponding Facebook account that is not theirs IF the Valid User uses their Facebook account to log into UrStyle.

    2. If one uses their Facebook account to log into UrStyle, it is more than likely that they use their FB account to link to, and log in to, other websites as well. Therefore, the "accidental intruder" can click over to Facebook and access all the information there, as well as gain access to the accounts of all other websites that the Real User logs into using Facebook.
      While UrStyle sessions are being "mixed" and your Users are finding themselves logged out of their own accounts and logged in to the account of others, it would behoove those Users who log in to UrStyle via a social media site (such as Facebook) to change all passwords of all websites associated with that social media site.
      For many people, that may be a great deal of accounts. These types of Log-In-With-Facebook accounts include, but are not limited to, bank accounts and credit cards accounts that people may put on file in their Facebook accounts. People DO do this, for a variety of reasons.

    3. Take a look at the Facebook Payment Methods Section on my personal FB account below. I've removed my User Name and e-mail address, but rest assured, anyone who has a Facebook account can find the very same page in their own account, very easily.
      Note that one can store a credit card, a debit card, and even connect directly to their PayPal account right on Facebook. PayPal is just one of the many online payment services that connects to Facebook, in that you can use your Facebook account to log into them. Did you know that many UrStyle Users are also buyers and sellers who use PayPal in their transactions?

    So even though our UrStyle Password may not be visible, and even though there is an option to log-in to UrStyle the way I do; using the direct log-in feature with an individual user name and password created for UrStyle only, there is still the concern of those who log in using Facebook or Instagram. The UrStyle session mixing occurring at all, it being unpredictable and difficult for you to resolve, does not make me feel confident that there exists great potential and risk of identity and security compromise in countless online venues... simply because some of us log in using social media. So to those users, I ask: Are you okay with someone skipping over to your Facebook account, accessing your PayPal account, and sending themselves or someone else money?
    NO? Thought not… Which is why I strongly recommend the passwords to those accounts be changed ASAP.

    0 1 Reply
  • Beauty, Fashion and Fun (BFF)

    @admin the website was down for a couple of hours (for me and according to https://www.isitdownrightnow.com/urstyle.com.html) but now it’s back, I’m still having the same logging-out-every-few-minutes issues. Also, my clipper isn’t working for me. Every time I try to clip something the website logs me out. And it takes 2 separate tries to log back in!!!

    I have been unable to start the new contest in my group or post the congratulations set for the last contest. Please advise🙂

    Thank you so much
    (Argh - I got logged out by the time I finished writing this message and had to log back in to finish it!!!)

    2
  • URSTYLE Team

    @funkyjunkygypsy please do not spread false informations and wait on our official announcement. I would like to confirm again that even if someone will get into your account, he is not able to see your password or encrypted data - we - administrators are not able to see your password also at any case.
    No one can use your facebook profile or facebook payments or log in into other websites using "login with facebook" it's a totally fake conspiracy theory and even not possible technically without access to your facebook profile. Access to urstyle profile do not gain access to facebook obviously.

    0 1 Reply
  • URSTYLE Team

    We are testing right now log-out issue fix. Please write to me if it will still occur for someone

    2 1 Reply
  • Beauty, Fashion and Fun (BFF)

    @admin whooohooo. It’s working again!!! Thank youuuu 🥳

    0 1 Reply
  • URSTYLE Team

    @fassionista finally we got it 🙂 as you can observe now, URSTYLE is working significantly faster (sending messages, fetching the list of notifications, sending forum posts, liking items/sets and what is most important just opening new pages/tabs)

    By the next days we will take a look also on another database, responsible for clipper tool and publishing sets

    1

  • I had been logged out and had to sign in.....that's fine (sort of) but after re signing in I kept getting bumped saying incorrect Email or Password.
    I I thought ok must have hit a wrong key ....so I tried again and again only to het the same result.
    I left it till now and again it said wrong again............finally after 3 attempts I got in only to push onto Notifications and was knocked out again and had to sign in again. A tad frustrating.

    1
  • Design Styles Defined

    Actually, it’s a lot safer signing into other websites with Google or Facebook than it is creating a standalone account and password. Here’s why: https://www.avg.com/en/signal/is-it-safe-to-log-in-with-facebook-or-google

    URSTYLE don’t actually have anything but a token that allows them to confirm your identity with Google or Facebook. If they get hacked, there is no actual account for your information to be lost.

    Cheers!

    0
  • Twisted Gypsies

    @admin Not looking to spread false information, just address valid concerns. I did not state that if someone is logged into your UrStyle account that they could gain access to your UrStyle password. My concern was the log-in with Facebook issue, which you have addressed, and I appreciate that. (I DO love a good conspiracy theory, but not when it involves security/privacy issues. 😉)

    Consider how I felt when someone told me they were not only logged into my UrStyle account but were also able to post as me. Any reasonable person would question what other things that couldn't or shouldn't happen may be happening. To say something is "not possible technically" is no reassurance. That's been said before (not by you) and as technology advances, things thought not possible are now part of our every day.

    There are numerous articles online written by competent security analysts warning others not to log in to any website using Facebook. For instance:

    At ... "Princeton's Center for Information Technology Policy, three researchers document how third-party tracking scripts have the capability to scoop up information from Facebook's login API without users knowing. The tracking scripts documented by Steven Englehardt, Gunes Acar, and Arvind Narayanan represent a small slice of the invisible tracking ecosystem that follows users around the web largely without their knowledge. “We never thought this was possible. It was really surprising,” says Acar."

    The Security Risks of Logging in With Facebook
    https://www.wired.com/story/security-risks-of-logging-in-with-facebook/

    There's more, such as:
    https://www.theregister.co.uk/2018/05/04/delete_facebook_login/

    Stop Using Login With Facebook Immediately—Here’s Why
    https://blog.dashlane.com/login-with-facebook/

    The articles I've cited were posted in 2018 -- which is the point. What are we going to discover this or next year about how truly vulnerable we are? I'm not saying any of this applies to UrStyle, but it's no conspiracy theory that Facebook has had serious security issues and that logging in to any website via Facebook (not UrStyle specifically) can leave one even more vulnerable.

    I don't want to get into a debate about this, as that wasn't my intent. I do not know how you script and code UrStyle for security, but I do know that someone was IN and USED my UrStyle account last night, and that is a fact. Doesn't make me feel too secure... 😕 Disregard anything else I've said if you like, but I stand by it.

    I sincerely believe that you are equally concerned about security, and you have my respect. Again, I didn't post this reply or my previous questions to get into a dispute, but to make other Users aware of the Facebook connection and to encourage them not to log-in through Facebook. I was not discouraging logging in to UrStyle. I'm here, after all, and I love it. 😀

    4

NEW GROUPS

💕MATCHING SET OUTFITS💕
gigi's sooya_
Style It Lovely
Royals' Universe
Weloby
TINTS!
Original Characters and Backstories
Different challenges (Desafios diferentes)
Opal Apparel
Mrs. Weeks Apparel, Fashion Merchandising class

ACTIVE URSTYLERS

Looks like your connection to URSTYLE was lost, please wait while we try to reconnect.