Study Finds Weaknesses in Single Sign-on Systems | Network World
April 4th, 2012 | Information Security
In one of the flaws the researchers exposed, for example, not all websites confirmed that a verification coming from OpenID included all of the items the website asked to be confirmed, such as the first name, last name and email address. The researchers were able to access the request, delete one piece of requested information (the email address, for example) as it went to OpenID and simply re-insert it in the signed okay from OpenID. In this way, even a hacker who didn’t control the email address linked to the user’s account on the website in question could log in, and potentially make purchases, using that person’s account.
via networkworld.com
Related Posts:
- New Ransomware Says You’ve Child Porn On Your Computer
- How to hack IP voice and video in real-time | Network World
- Posterous Finds A Home In The Arms Of Twitter | TechCrunch
- Are Two Narcissists Better Than One? The Link Between…
- A Git Tutorial | danielmiessler.com
- My Varnish Study Piece
- New “Man in the Browser” Attack Bypasses…
- CheapTweet – Twitter Deals, Coupons, Bargains, Sales…
- Tracking Web Visitors Using Cached HTTP Redirects |…
- DDoS Attacks Move to Server Scripts | Network World
☐ If you enjoyed this, please consider connecting via Twitter, RSS, or my other content.
Pingback: cheap auto insurance maryland
Pingback: auto insurance quotes
Pingback: 1300 numbers
Pingback: las vegas hotel promotions
Pingback: www
Pingback: leiligheter Alanya
Pingback: gambling
Pingback: garage doors
Pingback: parels
Pingback: Amherst Center