On sign up, it now asks you to put your Zwift password (twice). Of course there is no way anybody should be putting their Zwift password into a third-party site, and I cannot think of any other online service where you put the password from one company into the site from another (SSO aside, which is a separate service altogether).
I've never been that comfy passing my personal data to WTRL as a 3rd party just so I can make use of Zwift key race series…
Some statements around what they are doing with all the data they are harvesting would be good and its storage - Are they re-selling it?
WTRL privacy policy is pretty clear about the data collected and what they do with it, it’s made entirely clear they do not sell the data for financial gain. Zwift policies also cover the use of some personal data required for race results. So I’m pretty comfortable with the high level information I already provide WTRL.
However I don’t see anything within WTRL or Zwift policies that would seem to cover the sharing of passwords, and as @gloscherrybomb points out it is a very strange situation to have to provide another party with your password for a different service, if there is a need to have some deeper integration this would normally be done via a proper SSO solution. I have a number of pieces of information within my Zwift profile that I would not provide to another party.
If I for some reason had to do something like this, I’d certainly change my password immediately afterwards. Everything about the WTRL website from basic functionality to the bo-joinggg visual effects just screams amateur hour, so I certainly wouldn’t put it past them that they would probably store the password in plaintext form, with all the usual security implications.
Huge red flags!
As someone who was finally going to start racing with a team a few months ago, I reluctantly jumped through the weird hoops required to sign up for ZwiftPower, but then found the WTRL site so disconcerting that I dropped the idea. This just confirms that gut reaction. No way this should be set up this way.
they can use my account for whatever they want as long as they don’t spend my drops on a bunch of stuff i have to scroll past for 20 minutes to get to the tron bike i use 24/7 or unlock any more outfits
WTRL are paid by Zwift to run ZRL but they do remain a third party contractor, AFAIK, i.e., they are not employees of Zwift and the legal aspects of that.
I saw red flags from day one, so I’ve never even attempted to raise a team (let alone the hundred or so fielded by some team owners!). This is all sorts of wrong that, as Lee said, should be cleared up immediately - especially as regards legal status, i.e., whatever happens makes Zwift liable and not WTRL.
Good spot. I would also like to know more about this. It seems I can still log in to my existing WTRL account - which uses a different password from Zwift - but I would like to clarify if/that no passwords have been nor will be shared in the back end.
Having had a quick scan of the privacy policy, I'm not entirely sure WTRL are included in the policy.
In addition, you may choose to share your profile and workout information with select Zwift partners, for the purposes of results, rankings or racing on the Zwift platform, including with CVR World Cup Rankings and WRTL team time trial. We may also share some personal data and statistical information for the purposes of improving our race results and other related services. When you share information in this way, your information may be publicly available.
Anyone giving their password to WTRL automatically breaks their EULA with Zwift.
You are on the hook for anything they do with it too.
Registration; Password. When you register for a Zwift account, you will choose a user ID and password. It is your responsibility to keep your user ID and password confidential. If you think a third party may have obtained your password, you should immediately change your password. We will have no responsibility for damage caused to you by a third party using your user ID and password regardless of whether it was provided intentionally by you or through your negligence, and regardless of whether we knew or should have known of such use.
I posted this concern to their Facebook group, and they did not approve the post. So I think they are aware. Although they should be aware anyway, as they created the page…