Comment on Intro to "Q" - next generation backoffice system

Sourabh commented on 01 Oct 2017, 04:15 AM

Dear Nithin,
( if you happen to read this )
SECURITY OBSERVATION!

I am a new Zerodha user and I find that if I click the back arrow on the chrome browser even after logging out of Q, I am directed to the last page of Q I visited including the display of relevant sensitive data from my account. This could compromise sensitive data of users if machines are shared. I don’t know if this is happening only to me but if I’m not alone on this, then Zerodha might find in their best interest to see that the HTML and CSS data of the previous pages be removed from the browser when logged out. This could be serious if someone with malicious intent shared a device with a Q user. I hope you will look into this. I will use this opportunity to also mention that I am personally having a bad experience with Q as it never recognizes my password and I have to keep resetting it. I feel that Q has a bit of glitch overall.

View the full comment thread »