People Using Nifty Stats - you might want to check this
 

I tested Nifty Stats, and really liked it, and was just about to upgrade to the Pro version.

Just to test a few things I went in to the DB file and was quite shocked that all my passwords and usernames was stored in the database, UNencrypted, in a big flat file.

I dont do drama, but this is a security issue I think the users should be aware of.

The program default install path is in "C:\Documents and Settings\USERNAME\Application Data"

That folder is assessible by some Browserplugins

going to check that right now

not my biz, but you said you left adult...

I think you should read what I wrote again

I just checked mine and it is a completely encrypted file, I can't read anything in it, all characters and jibberish

then send it to me - email is in the sig

nice try

You can change the folder but AFAIK browser plugins can read ANY files and folders on your HDD which are accessible by current user's permissions (do you keep only encrypted docs on your disk?). That's why you definitely should not install any unsigned and untrusted ActiveX and programs.
Correct me if I'm wrong but once I was using plugin in IE for uploading of photos ant it uploaded all photos I've threw to it and they were not in "application data" folder for sure :)

loginBLAHxpassBLAHx

yeah, pretty open...

At least you'd need a user/pass from what Lace is saying.

no - that is NOT what he said, and its NOT how it is

up we go

Oh damn, that sucks... :(

Hopefully Jenna sees this and they roll out an update with encryption?

They know it, but claim its not a issue.

They also claim that any other software out there stores the passwords unencrypted in clear text files

I dont know who Jenna from Nifty is. The Support team that answer Nifty Stats Questions, dont want to tell me their names