Password Security

From its inception, CellarTracker used a very low-tech authentication mechanism, and users were encouraged to use a password that they wouldn't be afraid for an administrator to see.

However, effective October 27, 2011, the site embraces industry best practice with regard to password handling, cookies, secure web protocols, password reset mechanisms, and so on. If you are not especially technical, you can probably stop reading right now. However, if you are more curious or have specific technical concerns or issues, the goal of this FAQ is to disclose our practices in this regard very transparently.

Please also read about Privacy Options for controlling who can see your cellar data as well as our Privacy Policy.

Technical Details

Below I describe in more detail web protocols (HTTP/HTTPS), SSL/TLS certificates, cookies, password hashing, and general password retention and transmission practices.

HTTPS Details

Traditionally, websites have used a secure (HTTP Secure or HTTPS) page just for the initial log-in and then resumed the rest of the browsing session over an insecure HTTP connection. However, with the advent of shared, public, wireless access points, this is increasingly problematic, as demonstrated by the public release of Firesheep. In short, this partially secure approach makes it easy for anyone to steal your credentials and masquerade as you. As such, CellarTracker has chosen to use HTTPS for ALL browsing for logged-in users. While this does induce some extra latency and server expenditures, it is the only proper way to truly protect your information.

Formerly, CellarTracker showed advertisements to guests and to registered users who had not made a Voluntary Payment. Unfortunately, at this time Google does not offer a version of AdSense that will serve ads over HTTPS without compromising security and generating incredibly annoying "mixed content" prompts in IE8 and older. In the name of security and user convenience, we have decided to forgo millions of ad impressions per year and have dropped these advertisements for all registered users. While this is a very expensive business decision for CellarTracker, it is simply the RIGHT THING to do for the community.

Not all SSL/TLS certificates are created equal. CellarTracker has obtained a Class 4 or Extended Validation (EV) certificate. You can see this with the green in the browser bar:

[Image: EV SSL Cert]

Cookie Details

In keeping with industry best practice, authentication cookies (username and hashed password) generated by CellarTracker are marked as Secure, so they are only transported over HTTPS. The site also marks all cookies as HttpOnly to help mitigate Cross-Site Scripting attacks in mainstream browsers.
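One way to check the two cookie flags described above, as an added example that is not CellarTracker's own code: the script parses Set-Cookie response headers and reports any cookie missing Secure or HttpOnly. The header lines and cookie names are constructed samples.

```python
# Added example: audit Set-Cookie headers for the Secure and HttpOnly flags.
# The header lines below are constructed samples, not captured from any site.

SAMPLE_HEADERS = [
    "Set-Cookie: auth=alice%7C5f2b9c; Path=/; Secure; HttpOnly",
    "Set-Cookie: prefs=lang%3Den; Path=/; secure; httponly",  # flag names are case-insensitive
    "Set-Cookie: tracking=abc123; Path=/; HttpOnly",           # missing Secure
    "Set-Cookie: legacy=1; Path=/; Max-Age=3600",              # missing both flags
]

REQUIRED_FLAGS = ("secure", "httponly")


def parse_set_cookie(header_line):
    """Return (cookie_name, set of lowercased attribute names)."""
    _, _, value = header_line.partition(":")
    parts = [p.strip() for p in value.split(";") if p.strip()]
    name = parts[0].partition("=")[0]
    # Attributes may carry a value (Path=/) or be bare flags (Secure).
    attrs = {p.partition("=")[0].strip().lower() for p in parts[1:]}
    return name, attrs


def audit_cookies(header_lines):
    """Map each cookie name to the list of required flags it lacks."""
    findings = {}
    for line in header_lines:
        if not line.lower().startswith("set-cookie:"):
            continue  # ignore unrelated response headers
        name, attrs = parse_set_cookie(line)
        missing = [flag for flag in REQUIRED_FLAGS if flag not in attrs]
        if missing:
            findings[name] = missing
    return findings


if __name__ == "__main__":
    for name, missing in audit_cookies(SAMPLE_HEADERS).items():
        print(f"{name}: missing {', '.join(missing)}")
```
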

Password Security

CellarTracker no longer retains the actual text of any password. Rather, your password is securely salted and hashed and is stored only in this form. Because of this, passwords are now case sensitive. All formerly retained passwords have been deleted, and site administrators no longer have access to your actual password. If you do forget your password, the site allows you to send a temporary password reset request to your email address of record. Since CellarTracker is not a banking or transactional site, we do not use security questions (e.g. what is your dog's name or your mother's maiden name) to further guard password resets. If your email is hijacked, you likely have far bigger concerns than unauthorized access to your CellarTracker account. However, CellarTracker cannot be used as a vector to determine your password so that a hacker can then access your bank accounts on another website.

If for some reason you no longer have access to an old email address that you used on CellarTracker, please send email to support@cellartracker.com with your old email address, your full name, the handle in use on your account, and any other information required to verify your identity. Assuming everything checks out, we will update your email address and send you a password reset request.
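The salted-and-hashed storage described in this section can be illustrated as follows. This is an added example, not CellarTracker's code: the page does not name the algorithm or work factor in use, so PBKDF2-HMAC-SHA256, the parameters, the record layout and the sample password are all assumptions.

```python
import hashlib
import hmac
import os

# Assumption: PBKDF2-HMAC-SHA256 with these parameters; the page does not
# say which algorithm or work factor CellarTracker uses.
ITERATIONS = 200_000
SALT_BYTES = 16


def make_record(password):
    """Return the only data kept for a password: salt, iterations, digest."""
    salt = os.urandom(SALT_BYTES)  # fresh random salt for every password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return {"salt": salt.hex(), "iterations": ITERATIONS, "hash": digest.hex()}


def verify(password, record):
    """Recompute the digest with the stored salt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"),
        bytes.fromhex(record["salt"]), record["iterations"],
    )
    return hmac.compare_digest(digest.hex(), record["hash"])


def demo():
    """Run the checks on a constructed sample password and return the results."""
    first = make_record("Chateau-Margaux-1982")
    second = make_record("Chateau-Margaux-1982")  # same password, another account
    return {
        "correct_password": verify("Chateau-Margaux-1982", first),
        # Hashing operates on exact bytes, which is why passwords become case sensitive.
        "wrong_case": verify("chateau-margaux-1982", first),
        # Per-password salts make identical passwords produce different digests.
        "same_password_same_hash": first["hash"] == second["hash"],
        # The stored record never contains the password text itself.
        "plaintext_in_record": "Chateau-Margaux-1982" in str(first),
    }


if __name__ == "__main__":
    print(demo())
```
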

Migration

Since these changes were implemented on the website, your cookies are automatically migrated the first time you visit the site from a given machine/browser. In some rare cases people have had issues with this transition, so the simplest workaround is to always just delete all cookies for cellartracker.com in that browser and then log back into the site.

Issues & FAQs

Known Issues

Frequently Asked Questions

A Note on Credit Card Security

This is actually a non-sequitur, but with the recent announcement of stolen credit cards at Wine Library, we thought we should comment on credit card security at CellarTracker. We have actually made a very conscious decision from day 1 to NEVER store or even handle cardholder data. All voluntary payments to CellarTracker come via a webpage hosted at payflowlink.paypal.com as part of the PayFlow Link payment service. This is a third-party payment service originally developed by Verisign and later acquired by PayPal as part of their Merchant Division. All cardholder data that you enter is handled only by PayPal. We never have access to complete credit card details, and we don't want them. PCI compliance is a real pain in the neck, and touching credit cards is akin to playing with munitions.

Conclusion

In short, we hope you are pleased with the changes here. Please do email eric@cellartracker.com if you have questions, concerns or technical issues.