The loginserver could be used to get the plain text password. Pretty sure client sends it over unencrypted. This is why i said the loginserver should be managed better. So this is a risk.
So yes. They could steal passwords. So dont use same password there.
H
__________________
Haynar <Millennial Snowflake Utopia>
|