Closed havinhphu188 closed 2 years ago
👋 Thanks for reporting!
Hey @havinhphu188 , if you go through our code over here in line 17 and 25. You will get a better oversight of how we store your password encrypted which is necessary to get the headers from Riot. If I'm not wrong riot sends notification when there is an unsuccessful login (password entered incorrectly). We store the passwords encrypted and only decrypt it when we need to make an API call to retrieve the headers. For example we retrieve headers in line 112 when someone enters the command +store.
Not sure if this bot has leaked my password, but I have only leaked my riot account to 2 sites. This valorina, and valorant.store (already shut down). Valorant.store claim that they do nor store our password (and the fact that I have to type password every time, make me believe the leak must came from valorina) Luckily, I have 2-factor auth, but I am not feeling safe with valorina anymore.