Skip to content

Type in your suggestion - new feature or improvement idea

← Wishlist

Name & Phone # Leaked when Email is known

If a person enters a known, valid email address on the first event registration page, the 2nd page is pre-populated with the first name, last name, and phone number matching the email address.

Someone familiar with email address of people in the organization (or someone guessing or brute forcing) can obtain the person's phone number or full name in an unauthorized manner doing this.

1 vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Darvell Powell shared this idea  ·   ·  Report…  ·  Admin →
Comments are closed An error occurred while saving the comment
  • AdminKatya Tyukina (Director of Product Management, Wild Apricot by Personify) commented  ·   ·  Report

    Darvell, the information is populated only in case the field access is set to Anybody in member's privacy settings. In other words, if you know the email address
    you could find the same information on Members directory page, it is visible and searchable there, for example.
    You can change the privacy access of these fields for all members to 'Members only' by default and they will not be pre-populated on the registration form.

Wishlist: Security / Privacy

Categories

Feedback and Knowledge Base

(thinking…)
WildApricot Inc. 
144 Front Street West 
Suite 725 
Toronto, Ontario M5J 2L7 
Canada
Terms and Policies
WildApricot Inc. Service Provider Level 1