Items tagged openid, phishing in 2008
Filters: Year: 2008 × openid × phishing × Sorted by date
Windows Live Adds Support For OpenID. I hope they include the option to log in to the provider using CardSpace, to address phishing. # 27th October 2008, 9:34 pm
OpenID phishing demo (via) A demonstration of the OpenID man-in-the-middle phishing attack. idproxy.net OpenIDs are immune to this particular variant due to the landing page not asking for your password (the phishing site could still provide their own redesigned landing page and hope users don’t notice though). # 28th May 2008, 8:09 am
PayPal Plans to Ban Unsafe Browsers. At first I thought they were going to encourage real anti-phishing features in browsers, which would be a big win for OpenID... but it turns out they’re just requiring EV SSL certificates which have been proven not to actually work. # 19th April 2008, 10:45 am
openid.yahoo.com. Yahoo!’s human readable guide to OpenID, complete with tour. It looks like they’re relying on the “sign-in seal” to protect against phishing. # 17th January 2008, 2:35 pm