Re: Secure Yahoo logins
From: David Schwartz (davids@webmaster.com)Date: 08/28/02
- Previous message: Nick Jacobsen: "Re: Secure Yahoo logins"
- In reply to: Roland Postle: "Re: Secure Yahoo logins"
- Next in thread: John Madden: "Re: Secure Yahoo logins"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: David Schwartz <davids@webmaster.com> To: <mail@blazde.co.uk>, <vuln-dev@securityfocus.com> Date: Tue, 27 Aug 2002 21:02:57 -0700
>>My other question is if the passwords are encrypted why do they offer a
>>secure login
>>option? How does that increase security, other than adding a brief ssl
>>session.
Because otherwise a man-in-the-middle could serve you a web page that didn't
do any fancy hashing. ;)
DS
- Previous message: Nick Jacobsen: "Re: Secure Yahoo logins"
- In reply to: Roland Postle: "Re: Secure Yahoo logins"
- Next in thread: John Madden: "Re: Secure Yahoo logins"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
