[security] How to prevent phishing...
gaz_sec at hushmail.com
gaz_sec at hushmail.com
Wed Apr 11 18:09:06 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Good point that would present a problem
On Wed, 11 Apr 2007 18:13:43 +0100 Johannes Berg
<johannes at sipsolutions.net> wrote:
>On Wed, 2007-04-11 at 18:09 +0100, gaz_sec at hushmail.com wrote:
>
>> When creating an account a cookie would store the passphrase.
>
>Ah ok. But what if the user logs in from different systems? On the
>second system he may be confused already because the passphrase
>isn't
>displayed. "Help, I'm being tricked here"
>
>johannes
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.5
wpwEAQECAAYFAkYdI9sACgkQrR8fg3y/m1AZPAP/U5dvooMg7UXY0oH9s2ph9+En9ZHL
oEQuLIGLMhmGS0DVLgAaKhbYK/g1YAo2wECXnd+SL2f57wQ6x3v6KHYrS5CvM0D/GOkp
bjKeyDOrcEC4sxMzybXazR7LznLNM3qhNCH6oT8stTFqlcyJShPBih05iS2pHd15NW7x
Iicbk4Y=
=NOOp
-----END PGP SIGNATURE-----
--
Click to make millions by owning your own franchise
http://tagline.hushmail.com/fc/CAaCXv1QweQqnBA8mDmUIXD8EnXSk7LI/
More information about the security
mailing list