Sorta temporary not an ok thing discovered via experimentation with someone
You can recover anyone's deleted account simply by giving the at team email the url and asking to recover it
In other words
Not sure how they prove owner ship but in my head if you are convincing enough you can actually steal anyone's account.
So yeah we kinda have an issue here
Comments (7)
actually just noticed that
It's happened before with navor
But I'm not sure how the process works. I assume it's more complicated
hmm
seems AT needs to incorporate a 2fa system
Or at least set up a custom security code for signing into an account via new device/ip
Im sure they wont just out right hand you someones account even if you say you forgot the email and password
But if its proving yo own it via old tracks or something
People have been backing up accounts via way back, which if you didn't know
Any deleted track if remix is on
Can be remixed and stolen without anyone knowing where you got said track
I've even remixed a track with a deleted account and it appears as co owner
https://www.audiotool.com/track/21el04g9k/
Jungle had deleted their account a year prior yet I was able to make it co owner via this exploit
This needs some attention.
boink
commenting so it gets sent to the top if it isn't already hopefully the devs saw this