Welcome to the Forum Archive!

Years of conversation fill a ton of digital pages, and we've kept all of it accessible to browse or copy over. Whether you're looking for reveal articles for older champions, or the first time that Rammus rolled into an "OK" thread, or anything in between, you can find it here. When you're finished, check out the boards to join in the latest League of Legends discussions.


Password Recovery BUG - Attention please

Comment below rating threshold, click here to show it.

Dr PoisonGG

Senior Member


Hello Riot / Summoners

My accound is currently under control of hacker. I have already sent an email to Riot. They sent me password recovery. But it did not help ! Hacker can still be on my account . And he still is .
So I spent last 3 hours by searching that possible " way " he does that . I found out critical bug that Riot should know of .

- If hacker gets your password once - does not matter how .. Keylogger or anything .. you are screwed to be honest
- Once he logs off from your account - All he has to do is go to password recovery - and send it to his email. Link will be there for 24 hours - Yea he can have ful control
- Even if Riot gives you back your password .. all what HACKER needs is to do is go back to his email and click one of those recovery mails he has in his inbox, and tadaa, he gets the account back! Now all he needs to do is spam some more "forgot your pw" request recovery links and hes safe for the next 24hours, or until the poor guy who got hacked gives up.

I think this needs special attention . I have never gave my password to anyone and still somebody hacked my account.

Thanks. I hope that I helpe at least a bit . And sorry for my english I am not native speaker