WebApp Sec mailing list archives
yahoo mail login security
From: Ace123 <flace9 () gmail com>
Date: Sun, 30 Apr 2006 13:25:37 +0530
Clicking on "Why this is secure" link on the yahoo login page gives this: "Yahoo! now submits your ID and password securely via SSL (Secure Sockets Layer) encryption. This means that your personal information is more secure every time you sign in. In the past, Yahoo! used a challenge-response mechanism to protect passwords using MD5. Passwords were scrambled using a one-way hash, so that they could not be converted to clear text." What could be the reasons why yahoo changed their login security mechanism? ------------------------------------------------------------------------- Sponsored by: Watchfire Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. Change the way you think about application security testing - See for yourself. Download a Free Trial of AppScan 6.0 today! https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF --------------------------------------------------------------------------
Current thread:
- yahoo mail login security Ace123 (Apr 30)
- Re: yahoo mail login security Andrew van der Stock (May 01)
- <Possible follow-ups>
- Re: yahoo mail login security ROB DIXON (May 01)
- RE: yahoo mail login security Matt Fisher (May 01)
- Re: yahoo mail login security Ace123 (May 01)
- Re: yahoo mail login security Sels, Roger (May 03)
- Re: yahoo mail login security Ace123 (May 03)
- Re: yahoo mail login security Sels, Roger (May 03)
- Re: yahoo mail login security Sels, Roger (May 03)
- Re: Re: yahoo mail login security Damon Leung (May 03)
- Re: Re: yahoo mail login security Darren Bounds (May 04)
- Re: Re: yahoo mail login security Prakash Kailasa (May 05)
- Re: Re: yahoo mail login security Darren Bounds (May 04)