We recommend you to change passwords regularly and periodically check for breaches on platforms like https://haveibeenpwned.com/
this is what you get when you access the site.
Now I dont understand what this so called vulnerability is?
Could you please explain.
I have tested arar's site and asked him myself he does not use emails as login.
So how would anyone access our accounts if they dont know our email login?
I also checked it does not require your email address in the username section.
Is the fear that a player will fill in his erepublik email in username and his erepublik password in password.
and that a hacker could access arar's site and enter player accounts?
this is not criticism leveled at either arar or admins of erepublik. i just want to figure out what the vulnerability plato is talking about. seldom use third party sites but perhaps in the future they would put something in there that is useful. then i would need to figure out whether site is safe or harmful.
Edited by Releasethe Krakken, 29 March 2020 - 10:46 AM.