Friday, 4 June 2010

Username is already exists!

I got an email from the Agile Journal about Agile Connect 2010. Online Agile conference. Cool! Talk to people around the world online. Cool!
So I signed up. Or tried to.
I received a rather curt 'Please enter a valid email' message after filling out the registration and using my pretty standard Googlemail address.

OK maybe not so curt because it does have 'please' in the message but the word 'address' would have been good too. Somehow missing the 'address' makes it seem curt to me.
Do they not like Google or have they got some weird validation rules going on?

I got to the next sign up bit and had to stick in address details and stuff. As it's none of their business and an online conference I went with my standard '1 Na Street'. I found it interesting when I had to pick a profession. I couldn't see Dev or Test or BA or PM or anything along those lines. I could see 'People with the money'. Although it's apparently not just a trade show.

I got curious and decided to spend a couple of minutes snooping.
First, the great messages you get if you try sign up with the same details.

I checked Fiddler and there were a couple of things that popped out at me but the biggest would be my registration details......ALL OF MY REGISTRATION DETAILS. My password helpfully listed twice.

You may think 'So what? Kind of the point of Fiddler isn't it?' and I would say 'Yes, yes it is but usually you would have to decrypt the traffic first, cause you know, security and all that.'

Not so for the Agile Journal! Security?! Encryption?! HTTPS?! What?

Anyway, lunch break over, back to work but if you decide to attend Agile Connect 2010 I'd suggest using a password that you don't use for anything else.

No comments:

Post a Comment