Lottery Post uses several advanced security measures to ensure that your private information and access to your Lottery Post account remains confidential and secure.
Like most membership-type web sites, Lottery Post requires the use of a Username and Password to identify yourself to the system, and gain access to your account.
When you are logged in, that means the system recognizes you, and your Web browser will continue to provide access to your membership account, and all the features your membership has access to, until you log off. (See the methods of logging off below.)
To understand at a glance whether or not you are currently logged in, look at the upper-left part of the page. If it states, "Welcome Guest," then you are not logged in. If it states, "Welcome <your username>," then you are logged in.
To log in, click the Log In link that appears directly below "Welcome Guest".
The first thing Lottery Post does after you click that link is to evaluate your web browser and computer to make sure it is configured properly. By doing this test prior to your log in, Lottery Post removes much of the frustration that can come later when, for example, a member logs in, but then finds that their page continues to state "Welcome Guest" — because unbeknownst to them, their cookies are disabled.
The browser tests happen silently, although you will notice a brief pause, and your browser may redirect a couple times before landing on the Log In page.
To log in, simply enter your Username and Password which you selected during registration.
When the Log In page is displayed, you can examine the Address line in your web browser to see that the URL starts with "https://". This indicates that Lottery Post uses SSL security to ensure that your credentials will be sent over an encrypted connection, and cannot be read by anyone other than you and Lottery Post.
Lottery Post provides a feature that allows you to bypass the SSL security and send your credentials over a non-secure connection. This is not recommended unless necessary, because it sends your password in clear text over the Internet.
The non-secure Log In is provided for devices that are not capable of using SSL encryption, such as certain mobile devices.
Forgot your Username and/or Password?
If you forgot your Username and/or Password, Lottery Post has features to help you remember.
If you forgot the Username you chose, or else you can't remember the exact series or order or characters in the Username, you can click the Forgot your Username? link. You will be prompted to enter the e-mail address that your account is registered under, and then your Username will be sent to that e-mail address.
If you forgot your Password, you can click the Forgot your password? link. You will be prompted to enter your Username, and then your password will be sent to the e-mail address your account is registered under.
The importance of maintaining a working e-mail address
Lottery Post does not make any direct modifications to members' accounts. We will not change your e-mail address, or manually activate accounts, or log in members, or any other such function.
Your e-mail address is your lifeline from Lottery Post in case you need a Username or password reminder, so if you do not maintain a working e-mail address in your Lottery Post membership, you may be cutting yourself off from assistance.
If your e-mail address changes, use the Change E-mail Address feature in the Options menu. Before making the change, be sure you have modified the spam settings in the new e-mail address to allow all e-mails from lotterypost.com, because you will need to receive the re-activation e-mail that gets sent after your e-mail address is changed.
Log In Options
On the Log In page you will notice two checkbox options available:
- Remember me
- Stay logged in between browser restarts
The first option, Remember me, is used to remember the Username you entered, so that the next time you come to the Log In page, the Username entry will already be filled in, and you will only need to enter your password.
For those who are the only users of their PC, you will want to keep this option checked on.
If you are using a public computer, or if there is any reason that you don't want your Username appearing the next time Log In is clicked, clear the Remember me checkbox.
The second option, Stay logged in between browser restarts, should only be used if you are the only person to use your computer, or if you completely trust every person who uses your computer. When you keep this option checked on, you will stay logged on the Lottery Post, even after closing your web browser and restarting your computer. You will only be logged off if you clear your cookies or if you click the Log Off link.
If you turn off the Stay logged in between browser restarts option, you will be logged off automatically when your web browser closes.
Methods of Logging Off
When you are logged off, that means the system does not recognize you, and you have access to only features that first-time visitors are permitted to see and use.
If you are using a computer that people other than yourself have access to, you should always log off before leaving Lottery Post or closing the Web browser. If you don't log off, the next person who uses the computer may be able to use your membership, including access to your private messages and they could post messages on the forums under your name.
The quickest and easiest way to log off is to click the Log Off link that appears directly beneath "Welcome <your username>" at the top of the page.
After clicking Log Off, you are instantly logged off, and your Web browser will no longer be able to use the features of your membership.
The other method of logging is can be accomplished by clearing the cookies on your browser (detailed instructions).
After you have cleared the cookies (or cleared just the Lottrery Post cookies), your Web browser will show that you are viewing the site as a Guest.
However, even though clearing cookies will indeed log you off, clicking the Log Off link is more secure. Read the next section to find out why.
Understanding Log Off and the Security Token
We will spend some time explaining the technology behind the Log Off function, because it can be the source of some confusion if it is not understood.
When you log in to Lottery Post, behind the scenes it generates a security token, and sends it to your PC.
To imagine what a security token is, think of a combination lock — the kind where you turn the knob right, then left, then right.
The security token is the combination to the lock (for example, "12 ... 32 ... 26" — but more much more complex in reality).
When you log in, Lottery Post sends the security token [the combination to the lock] to your computer, and your computer stores it in a "cookie", which is nothing more than a small text file stored on your computer's hard disk.
Every time you go to a new page, your computer is sending Lottery Post that security token [combination to the lock], and then Lottery Post checks to make sure the token is correct, and finally sends the page back to you if it's OK.
All of the passing and validating of the security token happens silently in the background. The one time that the security token becomes an important factor is when you Log Off. Every time you click Log Off, two things happen:
- The security token is erased from your cookie file, and,
- Lottery Post generates a new security token [combination], so the next time you login, Lottery Post sends you a brand new security token, and any previous security tokens are useless.
Creating the new security token in step 2 above is like closing the combination lock and then turning the knob a few times to scramble the tumblers inside. It ensures that someone cannot copy your security token from your cookie file and use it to log in with your identity elsewhere, because if they did try to use it, the security token would be expired and useless.
The one instance where the new security token creates confusion is when a member logs in to Lottery Post from more than one computer. The member may find that their computers seem to log them out without their instruction to do so.
The issue comes up in a scenario such as the following:
- A member logs in at home, and stays logged in when they leave for work.
- At work, the member logs in and uses Lottery Post just fine.
- Before going home, the member logs off at work.
- When the member goes home, they find their Lottery Post session logged off.
Why was the home PC logged off?
It logged off because when the member logged off at work, the Lottery Post server "turned the dial on the combination lock". It create a new security token for their username.
So when the person went home, their PC at home has the OLD security token, which of course is not valid anymore, so the member is essentially "logged off" as a result of their computer not knowing the new code.
When they log in, their computer will be sent the new code.
For the member in the example above, the only way to avoid getting logged off at home would have been to stay logged in at work. i.e., Don't click the Log Off link.
However, Lottery Post recommends clicking the Log Off link, and then re-logging in at home, because that ensures protection against access by someone who could access the security token in the cookie file.