Layer 8

Security is fundamentally about people, and everything we know about people is relevant to security. -- B. Schneier

Abusing the system.

I just decided that on one particular site that I use maybe twice a year, it’s easier to use the “forgot password” function and have the password reset every time I want to log in, rather than come up with a memorable password. Why? Because the challenge question, unlike the password, never has to be changed!

So I just put any old thing into the new password field, and forget about it until next time.

I’m sure this isn’t what the designers intended.

Posted by shrdlu on Monday, May 04, 2009
(1) Comments • Permalink •

blogmarks Favicon

del.icio.us Favicon

Google Bookmarks Favicon

StumbleUpon Favicon

Technorati Favicon

TailRank Favicon

Page 1 of 1 pages

About the Bloggiste

I'm an IT security manager who has worked in various places around the world and in the US. If I told you more, well ... you know.

Teach The Controversy - Intelligently Designed shirts urging you to show both sides of every story

Latest entries

Abusing the system.

New comments

BSOFH Interview Questions. (3) Span of control. (7) MacIntel. (1) Mrs. Grundy’s tweetstream. (1) For or against. (6) Crazy talk. (2) The exception IS the rule. (3) Not so much an “E” ticket. (2) Hey, that dog food’s actually kinda tasty. (4) Audit instructions. (8)