Welcome to the Family Echo Q&A forum. In order to ask or answer questions, please ensure you sign in at Family Echo first.
Welcome to Family Echo Q&A, where you can ask questions and receive answers from other members of the community.

In order to ask or answer questions, please ensure you sign in at Family Echo first.

Before asking a question, please check the Frequently Asked Questions page.

Is there a way to lock my family tree (even read-only) behind a login? Now it's accessible via an unprotected URL.

+3 votes
553 views
Hi,

 

My Family Tree is currently accessible without login via a URL that anyone can share and access.
 

Is there any way to dissallow even read-only access unless the tree is explicitly shared by someone and they have a login id?

 
Thanks.
asked May 26, 2015 by kaldawi (150 points)
edited May 30, 2015 by kaldawi

1 Answer

0 votes
Try going onto 'My Account', and click 'Change Password'. This should allow you to set up a password. If not contact Family Echo and ask them to look into it.

In the meantime, I'd recommend copying your tree to somewhere else to keep a version safe in case someone tries to change it.

Also, you should probably edit your question to remove the URL, for security purposes.

Good luck!
answered May 30, 2015 by p.mcallister (15,950 points)
Your answer totally misses the question. My question has nothing to do with setting up a password. I already have an account and a password. That's not the issue. The issue is that the family tree can be viewed by others who do not have an account and I don't want that.
I see that you removed the URL from your question. As I remember, it was quite long and complex, so it's unlikely anyone would have remembered it. If someone was going to mess your tree up as a prank they probably would have done so already. You're probably safe now.

However, as I said before you should copy your tree over to a new account for security purposes. DON'T post this one's URL on this forum. I'd also recommend again drawing this directly to the attention of Family Echo, as it could be a serious security problem.

I hope this helps with your problem, and I'm sorry that my last answer 'totally misses' your question.
Thank you so much for your answers. I thought I was raising it directly to Family Echo in this forum :-) I didn't know. I see now that I can Send Feedback to Family Echo directly.
You're welcome, I hope that you get your problem fixed soon. :)
Did family echo get back to you regarding this security hole?  It is disconcerting to find that any tree can be directly accessed by URL, without a login.  Obscure URLs are useless, given links are detectable in logs, transparent proxies, email dumps, etc.
...