1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Xenforo customers security

Discussion in 'General XenForo Discussion and Feedback' started by Michael Dance, Sep 11, 2011.

  1. Michael Dance

    Michael Dance Active Member

    Why dont they generate a user and password which only they can change, as they always ask me for the transaction id from paypal but if you cant find it as they wasnt registered company or too many pages of transactions its hard...

    Vbulletin asks you for a auth code which you must enter the password to transfer which is much user friendly in my opinion i hate ib but thats the best reason to use them instead of all this hard to do ways, i know they are growing but when Xenforo told me it was a company email i got into the customer area but why dont they trust me though, might as well give everyone access as they cant do nowt without my paypal account.
  2. Slavik

    Slavik XenForo Moderator Staff Member


    Valkyr likes this.
  3. Paul

    Paul Well-Known Member

    nope - ya got me there - completely confused now :D
  4. Brogan

    Brogan XenForo Moderator Staff Member

    I believe it's in relation to the Customer area and tickets, etc.
  5. Marc

    Marc Well-Known Member

    OK ...... Still lost though LOL
  6. Michael Dance

    Michael Dance Active Member

    I am in the customer area and they cant help me when im logged in i have to have the transaction id, i have had two, one i had for personal reasons and one i had for business use. Why cant they be like Vbulletin and just make sure you are logged in, or even ask you for your full address you used to order it and email you use to purchase it via paypal, which would be much user friendly and better support.
  7. Kier

    Kier XenForo Developer Staff Member

    When I was at vBulletin, we required transaction IDs etc. to verify that people requesting transfers were eligible to do so. I can't speak to their requirements now. Nonetheless, we have no intention of changing our security procedures.
    Michael Dance likes this.
  8. Forsaken

    Forsaken Well-Known Member

    Thats standard procedure for every company that does online business as well.
  9. Ashley

    Ashley Business Guy Staff Member

    I know it is a pain. The information is requested to authenticate the request (specifically to make changes to customer details or licenses). It should be information that is available to only the license owner. It is a question of security as we do not want some clever clogs sending an email on behalf of a customer to change the license or customer details, only to find out that the request was not from the license owner.

    That would not be good, for all concerned.
    Darkimmortal and Michael Dance like this.
  10. Michael Dance

    Michael Dance Active Member

    ok i see your points but support never asked me for transaction ids just their address, mine and the code from something like members.vbulletin.com/auth.php where i entered my customer password and a code comes up.
  11. EQnoble

    EQnoble Well-Known Member

    Well I was transfering a license a few weeks ago (a vb one) and because I bought it with a card other than my own I had to give tons of personal info of someone else to transfer it even though it wasn't my info to give.

    - Email address -
    - Billing address -
    - Telephone number -
    - Approximate date of purchase -
    - Type of license (owned or leased) -

    - Order Method (Credit Card, Paypal, etc) -
    and that is besides that code.
    since license transfers are an internal thing and I have to assume isn't something that is going to happen nearly as much as license purchases, that is something that I think should be worried less about...I read the thread title and was like uhh oh what happened LOL. If the team changes that cool..if they don't even cooler IMO.
    Michael Dance likes this.
  12. Marc

    Marc Well-Known Member

    Personally I would much rather the inconvenience of trying to find a transactionid and details than I would K&M spend time on writing something for this in place of time that they could be spending on xenforo development itself.
  13. Floris

    Floris Guest

    Yeah, but .. you're on XenForo.com - and they're not the same company as vBulletin Solutions Inc.
  14. Michael Dance

    Michael Dance Active Member

    yeah but id expect something much better and simple from two fantastic developers who worked there and knows the gap in the industry mate.
  15. Floris

    Floris Guest

    They have.

    Give the unique transaction id.

    Then they know it's you - unless your paypal account got hacked.
  16. Michael Dance

    Michael Dance Active Member

    unless your like me who uses your paypal alot and have to browse 30 pages to find the id.
  17. Floris

    Floris Guest

    If you use paypal a lot you should realize there's an advanced search available where you can fill in payments@xenforo.com and set the period to 24 months.

    You will get the few results - giving you what you are looking for.
    Mikey likes this.
  18. Cezz

    Cezz Well-Known Member

    Or just do a search, since you know when you purchased it and the email address is was paid to...
  19. Michael Dance

    Michael Dance Active Member

    wheres that, i only make and accept payments.
  20. Cezz

    Cezz Well-Known Member

    Top of page, history -> advanced search OR Top of page, history -> basic search -> Find Transaction

Share This Page