August 20, 2013 at 10:02 PM #282869August 23, 2013 at 12:47 PM #286243
This is a huge security flaw. So far my workaround has been to warn people not to use a password they use for other websites as it sends the password unencrypted in an email. This has received some complaints but so far we have still been able to use it.August 23, 2013 at 1:39 PM #286242
That is something I had not thought of and we use ReviewLink frequently with all of our internal customers. I’m going to have to now go ask the question of our IT group about it. Thank you for making us aware of this.October 29, 2014 at 8:43 PM #286244
I love ReviewLink but am working with a new client that has security concerns about putting our courses on the cloud.so now I need to provide information that it is secure. Well I am already concerned because this topic above is still an issue where the username and password are both sent in an email… Did anyone else do research for their company and found that it is secure?.. or is not secure enough for them to use? I did find out that ReviewLInk is hosted in Amazon’s cloud but need to put some documentation together for the client to make a decision. Any information would be helpful.. ThanksAugust 11, 2016 at 4:02 PM #324339
Karen JensenMember3 pts@Karen Jensen
This is on the Trivantis site frequently asked questions. I have never had an issue with RL:
<span class=”fl-accordion-button-label”>Is ReviewLink secure?</span> <i class=”fl-accordion-button-icon fa fa-minus”></i>
All content published to ReviewLink and data transmitted between Reviewers and Publishers is private, secure, and password protected. ReviewLink is hosted on a secure server using a multi-tenant architecture, and all pieces of content are individually firewalled. For data integrity security, all data is stored in a SQL database that is accessible only from the ReviewLink application server. The files are never stored directly to a disk file that is accessible externally. All data is transmitted and received between Lectora and ReviewLink using 128-bit AES encryption. All content and comments are password protected such that it cannot be accessed without being logged into the system.
You must be logged in to reply to this topic.