password security
5 views
Skip to first unread message
stentor
Nov 21, 2008, 8:08:40 AM11/21/08
to e4ward
I just got a message from e4ward today, about a request to change my
password.
The thing is, I didn't make that request.
Someone must have got my e4ward primary forwarding address, and made a
"lost my password" request. Presumably they were hoping I'd just
click on the link in the confirmation email, because that would
complete the password change process. Then they'd have my password --
and I wouldn't!
Fortunately I was suspicious and didn't click on the link (but I did
change my primary forwarding address, just in case they try again).
It's common for lost password security to ask extra questions, about a
pet's name, a city, or things like that. Could e4ward implement that
small extra step to ensure that nobody accidentally succumbs to this
trick in the future?
password.
The thing is, I didn't make that request.
Someone must have got my e4ward primary forwarding address, and made a
"lost my password" request. Presumably they were hoping I'd just
click on the link in the confirmation email, because that would
complete the password change process. Then they'd have my password --
and I wouldn't!
Fortunately I was suspicious and didn't click on the link (but I did
change my primary forwarding address, just in case they try again).
It's common for lost password security to ask extra questions, about a
pet's name, a city, or things like that. Could e4ward implement that
small extra step to ensure that nobody accidentally succumbs to this
trick in the future?
Reply all
Reply to author
Forward
0 new messages