[18665] in bugtraq
Re: Yahoo! Instant Messenger
daemon@ATHENA.MIT.EDU (Bill Fumerola)
Wed Jan 17 12:59:31 2001
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-ID: <20010116184458.H76347@elvis.mu.org>
Date: Tue, 16 Jan 2001 18:44:58 -0600
Reply-To: Bill Fumerola <billf@MU.ORG>
From: Bill Fumerola <billf@MU.ORG>
X-To: Matthew Keller <kellermg@POTSDAM.EDU>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <3A64833F.1F2F6141@potsdam.edu>; from kellermg@POTSDAM.EDU on
Tue, Jan 16, 2001 at 12:22:07PM -0500
On Tue, Jan 16, 2001 at 12:22:07PM -0500, Matthew Keller wrote:
> You're assuming that the person who holds both a YIM account and a
> Wallet account uses a different password. I'd bet willing to wager that
> near five-9's of the YIM/wallet users use the same account name and
> password, thus making any disclosure of their password a problem.
All those involved with this thread should check their information before
posting.
The overview of the Yahoo security key can be found at:
http://help.yahoo.com/help/skey/index.html
An overview of the Yahoo wallet can be found at:
http://help.yahoo.com/help/wallet/index.html
The following link explains that your Yahoo password must be a different
password then your Yahoo Security Key. It also explains that the security
key MUST be used to access billpay, auctions, etc:
http://help.yahoo.com/help/us/skey/skey-12.html
Hopefully this addresses all concerns raised on this list.
--
Bill Fumerola / billf@FreeBSD.org
