WELCOME
to the house of Harry Plopper
In a nutshell, DX.Exchange was sending the requests to the browser, so that users could perform a password reset every time they logged in to the platform. The broker didn't know who was sending these requests or what they were actually doing, and he didn't know what his account was being used for or who had sent them; that just meant that he had no way to know whether the request would actually receive the data he needed to send back. At the time, it was unclear if the broker would be able to determine who was sending the data to his browser or if the broker would be able to determine which users were sending the data, as the site seemed to be using a separate server. (Although there was no way to determine whether the broker was using the same server, it might be worth considering.) DX.Exchange's new service is supposed to be a bit more secure than its older peers. It's not.
The broker and the trader used the same password reset URLs, but that meant that they were sending the same user credentials. That meant that the broker could determine who sent the requests to his browser and when. The broker couldn't know if the user had ever sent a password reset, or if they had. The broker can't know if the user has ever sent a password reset.
That meant that the broker could determine which users were sending the data to his browser and when. The broker can't know if the user has ever sent a password reset, or if they had.
The new service allows a broker to know whether the user has ever sent a password reset. The broker now has the power to control how the user's account is accessed and configured. It also has the authority to change the way the user's account is used.