WebApp Sec mailing list archives
RE: Article - A solution to phishing
From: focus () karsites net
Date: Mon, 29 Nov 2004 18:18:00 +0000 (GMT)
Hi Mark and all! On Sat, 27 Nov 2004, Mark Curphey wrote:
To: webappsec () securityfocus com From: Mark Curphey <mark () curphey com> Subject: RE: Article - A solution to phishing <snip> My online bank uses a system of picking random numbers from my password, and asking me to match those numbers with a drop down box, instead of just typing in the exact password in the same format at each login.</snip> Can you describe this in detail? Without the details one might think this just reduces the amount of entropy an attacker has to guess so is a bad thing.
Take a look at http://www.nationwide.co.uk for the login screen! Regards - Keith Roberts http://www.karsites.net
Current thread:
- Re: Article - A solution to phishing, (continued)
- Message not available
- Re: Article - A solution to phishing Michael Silk (Dec 14)
- Re: Article - A solution to phishing Adam Tuliper (Dec 15)
- Re: Article - A solution to phishing Ian (Dec 16)
- Re: Article - A solution to phishing exon (Dec 20)
- Re: Article - A solution to phishing Joseph Miller (Dec 20)
- Re: Article - A solution to phishing exon (Dec 22)
- Re: Article - A solution to phishing Rogan Dawes (Dec 22)
- RE: Article - A solution to phishing Mark Curphey (Nov 29)
- RE: Article - A solution to phishing focus (Nov 29)
- Re: Article - A solution to phishing Tran Viet Phuong (Nov 29)
- Re: Article - A solution to phishing Saqib . N . Ali (Nov 29)
- Re: Article - A solution to phishing Mark Burnett (Nov 29)
- RE: Article - A solution to phishing WebAppSecurity [Technicalinfo.net] (Nov 29)
- RE: Article - A solution to phishing WebAppSecurity [Technicalinfo.net] (Nov 29)
- RE: Article - A solution to phishing WebAppSecurity [Technicalinfo.net] (Nov 30)