Forums Bug Reports OP password!!

I don´t know if this is a bug or a secuity risk. It seem that if you have a OP login and Password and you put this info in you Perform on login it saves you password in a file perform.ini. This was nothing I knew about and i I think a lot of people out there don´t know this as well.

What happend i my case was that mirc got installed on my number2 disk. This disk is shared when i´m using varoius filesharing programs. At a time when I was not at the computer someone downloaded this file and used it to ban alot of people in a channel whera i usually is.

Just thought u know!!
Regards BadAss

Never ever type in a password in a prgram that are on a disk you let other ppl have access to, allways try to keep that program in a disk where you never let somone else have access to the files.... goes for all installed programs!

It isn't a bug.

If you saved you passwords in a text file with notepad would you blame notepad when someone opened it and got your passwords? Just like notepad isn't designed to store passwords securely, neither is perform.

heh .. yeah, and move it to a different
drive or directory that is not shared.

No need to uninstall it to move it, just shut
down mIRC and move the entire mIRC folder
to a drive or directory that isn't shared.

Well! Nice people here....not!!! Hey! i´m a newbe at Mirc!! I just thought it was kind of stupid that this info was saved in a file that anyone can read. I think i should be encrypted somhow. Bye!!

´we arent rude, just explaining.. and encrypted? so if you want to get your password from preform, then you arent able to cos it's encrypted.. and how would preform(mirc) know it's a password ?

It's simple really, the Perform List is exactly that, it
performs a list of commands when you connect to a server.
It in no way is meant to be secure so other people can't read
your passwords and whatnot, if you don't want others to
read your passwords from your perform list

1) Don't use commands in your perform list that require
   passwords.
2) Do not allow others access to your copy of mIRC.
3) Don't Use the perform list at all.

It's not a bug.

Calm down, ppl are trying to explain to you what happened, not be unkind. When you put info in mIRC options like perform, you expect it to be saved dont you? What happened to you is a good reason why we suggest ppl NOT put passwords there where someone could see them if they get access.

When you open parts of your computer to other ppl, it stands to reason you need to take a close look at exactly what you are making available.