Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: News Item: UN warns on password 'explosion'

From: Alexander Klimov <alserkli () inbox ru>
Date: Tue, 5 Dec 2006 18:43:22 +0200 (IST)
On Mon, 4 Dec 2006, Saqib Ali wrote:

My question is why so many online discussion forum require logon to
post messages? Currently I have 20+ discussion forum account for the
various vendors that I deal with (e.g. citrix, wise, altiris, active
batch etc) . Why can't they be like mailing lists where the
username+password is optional/not-required.

Discussion forums use username+password as mean to
1) control access,
2) tie the post to a email address; and
3) prevent  anonymous spam.


I guess 3 is actually number 1. There is incredible amount of spam
even on not so well known sites.


Alternatively this can also be achieved by simply requiring  email
address along with post, and then sending a authorization email to the
poster before making the post visible on the forum. This will achieve
the same effect, and the user will not be burdened with remembering
username+password for each forum where they make posts.


It would not be a good idea: entering password is much simpler than
answering email for each post one makes. You do not need to remember
them all, just use some software to store or derive passwords for each
site.

-- 
Regards,
ASK

---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: