[144285] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Solving password problems one at a time, Re: The password-reset

daemon@ATHENA.MIT.EDU (silky)
Tue Feb 24 13:27:07 2009

Reply-To: michaelslists@gmail.com
In-Reply-To: <49A34C15.8010808@nma.com>
Date: Tue, 24 Feb 2009 12:44:28 +1100
From: silky <michaelslists@gmail.com>
To: Ed Gerck <edgerck@nma.com>
Cc: cryptography@metzdowd.com

On Tue, Feb 24, 2009 at 12:23 PM, Ed Gerck <edgerck@nma.com> wrote:
[snip]
> What usercode? The point you are missing is that there are 2^35 private
> usercodes and you have no idea which one matches the email address that you
> want to sent your phishing email to.

What you're missing is that it doesn't matter. The user enters the
usercode! So they enter it into the phishing site which passes the
call along.

-- 
noon silky
http://www.boxofgoodfeelings.com/

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[144285] in cryptography@c2.net mail archive

Re: Solving password problems one at a time, Re: The password-reset

daemon@ATHENA.MIT.EDU (silky)Tue Feb 24 13:27:07 2009

daemon@ATHENA.MIT.EDU (silky)
Tue Feb 24 13:27:07 2009