Make auto logins secure
Auto logins can be guessed and abused from the contact ID alone. But if they were encrypted, they need not be guessable. I think (possibly with advice from Calvin Alkan) it should be possible to create an encrypted version of each contact ID and store them in a custom field in each CRM. Then that could be used when creating autologin URLs in mailouts instead of the contact ID, and WPF decrypts them on receipt.
Powered by Simple feature Requests