Kamis, 13 Mei 2010

How We Secure Your Information

 
 
   SocialOomph.com Newsletter
How We Secure Your Information

With the scares of bad people hacking into accounts, I want to explain to you how SocialOomph secures the information you enter in the system.
 
Your Twitter and StatusNet Password
 
When you add your Twitter or StatusNet account to SocialOomph, and enter your user id and password so that the system can perform actions on your behalf, the system applies a strong encryption to your password before storing it in the database.
 
When I look directly in the database, even I cannot see your Twitter or StatusNet password. It's just a string of funny characters. That also means, even if someone were to succeed to break into my server and database, he would not be able to read your Twitter password.
 
Your SocialOomph Password
 
Your SocialOomph password is secured in the same manner as above, with the same type of encryption.
 
In addition, I also have measures in place that guard against dictionary attacks. A dictionary attack is when someone runs a script that repeatedly tries to log in to your account while using a different guessed password with every try.
 
To circumvent that, I allow 5 successive failed logins. On the 6th try, I lock your account for 30 minutes. While it is in locked state, nobody can log into the account, even with the correct password. This method thwarts a dictionary attack because such an attack relies on being able to try thousands of different passwords in a very short period of time.

The Server That Runs SocialOomph
 
Obviously I am not at liberty to disclose the security measures in place on my server, but I can tell you the following.
 
The programming code that runs the SocialOomph site is encrypted. That means, even if someone were able to look at the programming code, he will not be able to read the code and figure out how the passwords are encrypted.
 
The Future
 
Twitter has announced plans to implement OAuth sometime in the future. 
 
As soon as they do that, I will implement OAuth on SocialOomph as well.
 
What that will mean is that you then won't have to give your Twitter user id and password to SocialOomph at all.
 
With OAuth in place, you will be able to allow or deny access by SocialOomph (and other applications) to your Twitter account from within your Twitter account on the twitter.com website.
 
Thank You For Using SocialOomph

Best Regards,
 
Dewald Pretorius
  Facebook Guide
 

The Complete Step-By-Step Guide To Making Money On Facebook & Other Social Media Sites.


  Professional Logos
 

Professional Web 2.0 Logos, 3 Designs, 3 Revision Rounds, Less Than $400.


  Have Any Questions?
 

Please submit a ticket at our SocialOomph Help Desk.


PO Box 21049, Quispamsis, NB E2E4Z4, CANADA

To unsubscribe or change subscriber options visit:
http://www.aweber.com/z/r/?bAyMHExMtKwMLMwcTJyMtGa0TJyMjIycLA==

Tidak ada komentar: