Originally Posted by
ckpeter
They have already clarified that there was not a system weakness. Given that someone guessed your (weak?) password and got all your account information, I would say AwardWallet would be invaluable in tracking down rogue redemptions.
Yes, but the fact that AwardWallet displays all stored passwords in plain text is a major system weakness. There is no reason to do this.
If the passwords were not displayed in plain text then a hack on AwardWallet accounts would not allow access to the account username/passwords of all accounts tracked within (except if the password for those is the same).