|Status:||Waiting for Feedback||Start date:||04/18/2011|
|Target version:||030 - Version > 2.xxx|
users are unaware that their premium account username and passwords can be shown as raw text. Uploading these to public pastebin websites/or hosters in form jdownloader.log exposes them. These public hosting services usually have long life spans, and on occasions unable to remove content. Users tend to use the same usernames and passwords on multiple websites/services (sorry everyone does it, regardless of security implications known or unknown.)
how to fix:
either disable copy paste functions, right click cut/copy and ctrl+x/c force users to only use jdownloader's hosted pastebin service as 'trusted'
provide a warning window informing users of risk apon these copy functions.