Watch out: donít lose your passwords when you sign up online

  • 0 Replies

Offline Bugbatter

  • Microsoftģ MVP
  • Administrator
  • Diamond Member
  • 10557

Who would have thought that by providing registration information on one site, you could make other online accounts vulnerable? Thatís exactly what Dr Nethanel Gelernter and other researchers at the Israeli College of Management Academic Studies demonstrated via their paper The Password Reset MitM Attack presented at the 38th IEEE Symposium on Security and Privacy.

In their paper, the researchers show how Facebook, Google and others are vulnerable to the password reset man-in-the-middle (PRMitM) attack.

Microsoft MVP Consumer Security 2006-2016
Microsoft Windows Insider MVP 2016-