Skip to content

Trello Board User's Security Risk

TarotRedhandTarotRedhand Member Posts: 1,481
in NWN:EE Trello Board Discussion
I use variations of my user name all over the web. Also, I tend to have a somewhat healthy paranoia when it comes to my computer security. I think I have discovered a security hole when it comes to voting on the Trello boards as they are currently set up. You have to give a real name when you register with Trello in order to be able to vote. When you click to vote, the box that comes up displays not just the user names of those who have already voted but also the real names that they have entered. Should I choose to vote my real name will be exposed for all to see as well. This is a recipe for disaster, at least for those who vote on there. Should criminals or other ne'er do wells look in on there they will find that a good part of their work has been done for them. I know that some people have used nicknames for this but I am surely not the only one who entered their real name in all innocence while not expecting to have this personal information leaked.

Is there no switch on there to hide peoples real names? If there is please flip it at your first opportunity. If not then can you remove the display of who has voted? Should the worst come to pass and a way has not been found to hide this information I can foresee the more litigious suing BD which is something none of us would want to see.

TR

Comments

  • JuliusBorisovJuliusBorisov Member, Administrator, Moderator, Developer Posts: 22,725
    Thanks for your concern. As soon as the office opens today, this will be looked at.
  • TarotRedhandTarotRedhand Member Posts: 1,481
    Thank you. I actually only noticed this last night even though I had previously voted on there.

    TR
  • JuliusBorisovJuliusBorisov Member, Administrator, Moderator, Developer Posts: 22,725
    Added

    https://trello.com/c/mccaZ0kE/156-privacy-disclaimer (Input)
    https://trello.com/c/xs4mnHx8/80-privacy-disclaimer (Roadmap)
  • TarotRedhandTarotRedhand Member Posts: 1,481
    I apologize but from now on you'll have to address me as Fred Blogs. Well at least as far as Trello is concerned. Obviously not my real, Real Name. It's what the press use in the UK when they are talking about everyman. I looked at my profile and saw an edit button. Nah, it couldn't could it... He, He it worked.

    TR
  • FreshLemonBunFreshLemonBun Member Posts: 909
    If you have stalker problems keeping usernames/identities and accounts separate and unlinked is usually the best option.
  • ProlericProleric Member Posts: 1,282
    For that matter, the bug reporting site only shows the real name of the author. I'm not personally bothered, but it will deter some people. Also, we know one another by nicknames, so if I see a bug that's worth discussing, I have no idea who to PM.
  • SherincallSherincall Member Posts: 387
    Proleric said:

    For that matter, the bug reporting site only shows the real name of the author. I'm not personally bothered, but it will deter some people. Also, we know one another by nicknames, so if I see a bug that's worth discussing, I have no idea who to PM.

    We were encouraged to put our names as Firstname "Nickname" Lastname exactly for that reason. Random example: https://support.baldursgate.com/issues/32975

    I'm sure if people don't want to put their real names, "Nickname" "Nickname" would work just as well.
  • JuliusBorisovJuliusBorisov Member, Administrator, Moderator, Developer Posts: 22,725
    Proleric said:

    For that matter, the bug reporting site only shows the real name of the author. I'm not personally bothered, but it will deter some people. Also, we know one another by nicknames, so if I see a bug that's worth discussing, I have no idea who to PM.

    https://support.baldursgate.com/ has the following line: "(Please note that the first name and last name fields will be visible to other users. Feel free to use a pseudonym if you'd prefer to keep this information private.)"
  • TrinitalTrinital Member Posts: 59
    Tarot you are so cute. Do you always give your full name when asked? LoL.
Sign In or Register to comment.

2024 Overhaul Games, a division of Beamdog. © 2024 Hasbro, Inc. All Rights Reserved. Baldur's Gate, Dungeons & Dragons, D&D, Forgotten Realms, Baldur's Gate, Wizards of the Coast and their logos are trademarks of Wizards of the Coast LLC in the U.S.A. and other countries, and are used with permission. Hasbro and its logo are trademarks of Hasbro, Inc. and are used with permission. © 1998 BioWare Corp. All Rights Reserved. BioWare, the BioWare Infinity Engine and the BioWare logo are trademarks of Bioware Corp. Black Isle Studios and the Black Isle Studios logo are trademarks of Interplay Entertainment Corp. Atari and the Atari logo are trademarks owned by Atari Interactive, Inc. All other trademarks are the property of their respective owners.