In order to open a ticket and send a support request it is necessary to register and set a password. Imagine my astonishment when in the confirmation e-mail I received after submitting a ticket I found my password written out. A security company is the last place where I would have expected violation of secrecy by disclosing my password. I use i-Vault and other measures to keep all my pw’s secret and here the company itself violates confidentiality.
I opened another support ticket to report this and again in the confirmation e-mail my pw is listed.
I wonder what this says about the security of i-Vault in particular and other Comodo security programs in general.
Needless to say I have not yet received any response from support.
Once registered, you will be able to submit any issues directly by sending us Email. We are sorry for any inconvenience this may have caused.
Comodo Technical Support
You have to register at support.comodo.com and then open a support request ticket. After registering it may also be possible to open a ticket by sending e-mail . After opening a ticket by whatever means a confirmation e-mail is sent. Here is a copy (I have hidden personal information):
Your Ticket has been received and a member of our staff will review it and reply accordingly. Listed below are details of this Ticket. Please make sure the Ticket ID remains in the subject at all times.
Ticket ID: xxx-xxxxxxxx
Subject: disclosure of password
Department: Desktop Software
The new support system that we’ve just rolled out is part of a gamut of process improvements we’re making internally (and externally) to be able to provide even better service going forward. In fact, if you go to support.comodo.com you’ll see that we’ve added a few new features to our website to make it easier for our users to find the information they’re looking for. (The myriad of links to the forum for the CPF questions is also a testament to how much we value the information and knowledge that our users bring to the table.)
As always, I’d be grateful for any thoughts, constructive criticism or suggestions about the new system we’ve implemented.
I don’t know if it is a problem or not, especially since this is a forum not a bank. Still, intuitively it doesn’t seem right especially coming from a security company. I know that in most forums a request to recall a password is generally answered straight away, but then the user knows he is asking for it. Here it is just being volunteered for no reason at all, and this isn’t the forum, it is the customert service site which is more likely to contain private information. Moreover there are ways to provide a forgotten password without explicitly putting it into an e-mail. I can understand that for a site like this it may not be strictly necessary, but please Mr. Comodo, appearances count for something also.
P.S. As to the content of the support site, I agree with Mike6688 that it looks like it will be very useful and a great assistance for us users.
r2baruch: Your point is a very valid one - and one I didn’t address in my original post since I read through it too quickly, apologies. I’ll investigate if this is an option can be disabled in the system, and if not, how we can address it otherwise. I agree we shouldn’t have passwords floating around - it’s just bad form.