WebApp Sec mailing list archives
RE: Summary: Growing Bad Practice with Login Forms
From: "Mike Peppard" <mpeppard () impole com>
Date: Fri, 30 Jul 2004 10:27:43 -0400
-----Original Message----- From: David Wall @ Yozons, Inc. [mailto:dwall () yozons com] Sent: Thursday, July 29, 2004 6:45 PM To: webappsec () lists securityfocus com Subject: Re: Summary: Growing Bad Practice with Login Forms
Anyway, the your idea is out there already.
Both my bank and the stock trading company I use claim to use "The best minds in the security industry" <quoted from my bank's security page> and neither have used simple logic to evaluate the implied assumptions of their login process. One wrong implied assumption can be disastrous, but two or more can also give false reassurance and be used in conjunction against you to deceive. The thought of a password and "pass phrase" is a good beginning.
Current thread:
- Re: Summary: Growing Bad Practice with Login Forms, (continued)
- Re: Summary: Growing Bad Practice with Login Forms David Telfer (Jul 28)
- Re: Summary: Growing Bad Practice with Login Forms Rogan Dawes (Jul 28)
- Re: Summary: Growing Bad Practice with Login Forms athena (Jul 28)
- RE: Summary: Growing Bad Practice with Login Forms Yvan Boily (Jul 28)
- RE: Summary: Growing Bad Practice with Login Forms Mike Peppard (Jul 28)
- RE: Summary: Growing Bad Practice with Login Forms Herman Frederick Ebeling Jr. (Jul 28)
- Re: Summary: Growing Bad Practice with Login Forms David Wall @ Yozons, Inc. (Jul 28)
- RE: Summary: Growing Bad Practice with Login Forms Mike Peppard (Jul 29)
- Re: Summary: Growing Bad Practice with Login Forms David Wall @ Yozons, Inc. (Jul 30)
- Re: Summary: Growing Bad Practice with Login Forms Murf (Jul 30)
- RE: Summary: Growing Bad Practice with Login Forms Mike Peppard (Jul 31)
- Re: Summary: Growing Bad Practice with Login Forms Jimi Thompson (Aug 01)
- Re: Summary: Growing Bad Practice with Login Forms athena (Jul 31)
- Re: Summary: Growing Bad Practice with Login Forms Stefan Paletta (Jul 31)
- Re: Growing Bad Practice with Login Forms Steve (Jul 27)
- webpage _effective_ source (was Re: Growing Bad Practice with Login Forms) Laurian Gridinoc (Jul 28)
- Re: Growing Bad Practice with Login Forms athena (Jul 28)