RoboForm and GoodSync vulnerability

Many people stored and make backup of their RoboForm data at their web hosting. But they do not remember, that search engine can crawl their data if it stored online.

So, using the new Google Search, people can search for the .rfo, and get their RoboForm data.

And worst than that, when a hacker read the GoodSync log, they will also get the details of the FTP username and the FTP password for the website.

This is a nightmare for any RoboForm user that store their data at their web hosting.

To prevent this, web hosting owner must use the .htaccess or atleast disable the directory listing in their directory.

So, you are not only responsible for the creation of your website content, but you are also take the responsibility for securing your own website. Remember, “you” are the one who responsible to make your web site and online information stay secure, not your web host.

Leave a Reply

Your email address will not be published. Required fields are marked *