You may have seen media reports recently relating to plain text passwords and the dangers of registering your personal and financial information with companies who use this method.
Well, rest assured, Ticketmaster is not one of the offending companies. As you would imagine, Ticketmaster deals with huge amounts of customer data and this is an area that we take extremely seriously.
So what are plain text passwords? Basically, they are passwords – created by you – that are stored in plain text. So if you password is MyName2016, in the offending company’s system, your password will be listed as MyName2016 – no coding or encryption.
Obviously this is a major concern as passwords can lead to a huge amount of personal information and in many instances credit card or bank details. If a site that uses plain text passwords is hacked or any security problems occur, account holders are extremely vulnerable to having their information stolen and potentially used fraudulently.
Companies who use best practice password security will never store your passwords in plain text. To get technical, when a password is created, a secure site will save a ‘representation’ of your password. Once you re-enter the password, the site will simply ensure the original representation matches what you just entered. Importantly, you should never see your password at any stage when using a website; not when you type it in, not in an email, not when speaking to customer service and not on the website once logged in.
Of course, it is not always easy to identify plain text password culprits. But one certain giveaway is the information that is sent to you if and when you select the ‘forgot password’ function while trying to log into a company’s site.
A plain text password offender will email your exact password (in plain text) back to you. So in our example above, the email you receive will list your password as MyName2016. Ticketmaster on the other hand will email you a temporary password, which you will be asked to change once you have accessed your My Ticketmaster account.
Further, once you have changed your password on Ticketmaster’s site, we will email you to alert you to the password change and provide contact details to get in touch with us if the password was changed by anyone but you.
A further concern when using accounts with plain text offenders is the fact that we oftentimes lack creativity when it comes to setting passwords. While some may be diligent in altering passwords constantly, many of us use the same passwords for various websites and accounts, which can make it even more dangerous if your password falls into the wrong hands. The password you use for something seemingly innocuous could lead to a more serious data breach if you use the same password for your email or online banking for instance.
Online security is a really important issue and Ticketmaster encourages all customers and clients to ensure they are savvy with regards to the protection of personal data. At Ticketmaster, we are doing our bit to ensure the data of our clients is as safe and secure as possible.