|
Web Application Security
Example of the worst passwd recovery interface Aug 03 2005 08:59PM Saqib Ali (docbook xml gmail com) (3 replies) Re: Example of the worst passwd recovery interface Aug 04 2005 05:33PM Yousef Syed (yousef syed gmail com) RE: Example of the worst passwd recovery interface Aug 04 2005 08:28AM Marc Heuse (Marc Heuse nruns com) |
|
|
Privacy Statement |
Hash: SHA1
Saqib Ali wrote:
> "However the web page also displays the email address to which the
> reminder was sent."
This is another example of how diligent web developers must be to
protect a user's privacy. This also has other setbacks such as the
ability to farm email addresses for spammers.
Has someone notified their web development team?
Christopher Canova
ccanova (at) reachone (dot) com [email concealed]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFC8i4CvE+JJ/srsxoRAv9sAKC/GHeWvJLiLpO4XZZCZAemFuCCwQCgqnJu
IB3W2p2kTf5CPVVI9TDEh8Y=
=wCP7
-----END PGP SIGNATURE-----
[ reply ]