https://boingboing.net/2017/06/22/security-questions-suck.html
'In a paper for IEEE Security, researchers from Cyberpion and Israel's
College of Management Academic Studies describe a "Password Reset
Man-in-the-Middle Attack" that leverages a bunch of clever insights into
how password resets work to steal your email account (and other kinds of
accounts), even when it's protected by two-factor authentication.'
Take note when signing up to new sites!
Cheers,
*** Xanni ***
--
mailto:xanni@xanadu.net Andrew Pam
http://www.xanadu.com.au/ Chief Scientist, Xanadu
http://www.glasswings.com.au/ Partner, Glass Wings
http://www.sericyb.com.au/ Manager, Serious Cybernetics
