[security] How to prevent phishing...
Johannes Berg
johannes at sipsolutions.net
Wed Apr 11 17:13:43 UTC 2007
On Wed, 2007-04-11 at 18:09 +0100, gaz_sec at hushmail.com wrote:
> When creating an account a cookie would store the passphrase.
Ah ok. But what if the user logs in from different systems? On the
second system he may be confused already because the passphrase isn't
displayed. "Help, I'm being tricked here"
johannes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.openid.net/pipermail/openid-security/attachments/20070411/1f3909d7/attachment-0002.pgp>
More information about the security
mailing list