Educause Security Discussion mailing list archives
Re: Mitigating Phishing Attacks
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Sun, 18 Nov 2012 08:47:56 -0500
On Wed, 14 Nov 2012 16:23:46 -0600, Steven Tardy said:

> 0a) log all authentications (failed and successful) to a database.
Sorry for the late reply, been a zoo here in my office.

Note that logging failed authentications can be problematic, because if a user gets out of sync with the input, they can end up entering their password into the login field. So then you see in your logs:

    User 'fredspassword' not authorized.
    User 'fred' logged in.

and you've created an unintentional password disclosure. It's probably not a big problem if you mask out the purported userid if it doesn't exist, or do something else to ensure that you don't log a password thinking it's a userid.
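As an added illustration of the mitigation Valdis describes (not code from the list or from any poster), the following assumes a directory of valid userids (constructed sample set `KNOWN_USERS`), a per-site secret `LOG_SALT` that is kept out of the log, and constructed sample events; it masks a purported userid that does not exist before it is written, and separately flags already-written entries that show the "unknown userid fails, same client then logs in" pattern so they can be redacted.

```python
import hashlib

# Constructed sample directory of valid user IDs (assumption, not from the post).
KNOWN_USERS = {"fred", "alice", "bob"}
LOG_SALT = b"constructed-per-site-secret"  # assumption: a secret kept out of the log


def mask_unknown_userid(userid, known_users, salt=LOG_SALT):
    """Log a userid verbatim only if it exists in the directory.

    Anything else may be a password typed into the wrong field, so it is
    replaced by a keyed, truncated hash: the clear value never reaches the
    log, but repeated attempts on the same bogus value still correlate."""
    if userid in known_users:
        return userid
    digest = hashlib.sha256(salt + userid.encode("utf-8")).hexdigest()[:12]
    return f"<unknown-userid:{digest}>"


def format_auth_event(userid, success, source_ip, known_users):
    """Render one auth log line with the masking applied."""
    status = "logged in" if success else "not authorized"
    return f"User '{mask_unknown_userid(userid, known_users)}' {status} from {source_ip}"


# Constructed sample events: (seconds, userid_as_entered, success, source_ip).
SAMPLE_EVENTS = [
    (0, "fredspassword", False, "192.0.2.10"),   # password landed in the userid field
    (3, "fred", True, "192.0.2.10"),             # same client then logs in normally
    (60, "alice", False, "192.0.2.20"),          # ordinary wrong password, real userid
    (65, "alice", True, "192.0.2.20"),
]


def find_likely_disclosures(events, known_users, window_seconds=30):
    """Scan already-written (unmasked) events, sorted by time, for the
    out-of-sync pattern: a failure whose 'userid' is not in the directory,
    followed within window_seconds by a success from the same source as a
    real user. Returns indices rather than values so the caller can redact
    those entries without copying the suspect string anywhere else."""
    flagged = []
    for i, (t, userid, success, src) in enumerate(events):
        if success or userid in known_users:
            continue
        for t2, userid2, success2, src2 in events[i + 1:]:
            if t2 - t > window_seconds:
                break
            if success2 and src2 == src and userid2 in known_users:
                flagged.append(i)
                break
    return flagged


if __name__ == "__main__":
    for _, userid, success, src in SAMPLE_EVENTS:
        print(format_auth_event(userid, success, src, KNOWN_USERS))
    print("entries to redact:", find_likely_disclosures(SAMPLE_EVENTS, KNOWN_USERS))
```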