Entries tagged phishing in 2007
Filters: Type: entry × Year: 2007 × phishing × Sorted by date
Designing for a security breach
User account breaches are inevitable. We should take that in to account when designing our applications.
[... 545 words]idproxy.net: Use your Yahoo! account as an OpenID
In an ideal world, some or all of the sites with large user databases (Yahoo!, AOL, Google, Amazon and so on) would act as OpenID providers, allowing their users to sign in to OpenID supporting sites around the Web. Until that happens, people who want to use OpenID need to sign up for Yet Another Account to do so.
[... 414 words]Solving the OpenID phishing problem
Most of the arguments I hear against OpenID are based on mis-understandings of the specification, but there is one that can’t be ignored: OpenID is extremely vulnerable to phishing.
[... 531 words]