Log In method Vulnerable Attacks Google and Facebook

Posted by Fatkhur Rohman on Friday, March 30, 2012


Log in a single protocol that is used to access your Facebook or Google, suffered a security flaw can be exploited by the fraudsters.
The researchers from Indiana University and Microsoft Research said that, they found some serious flaws in the OpenID single sign in system and used up.

Not just Facebook, the defect is also applicable to the implementation of similar systems in several popular sites. For example, Google and Paypal using OpenID.

This is a problem is the authentication system makes life so much easier, but makes security management to be more challenging.With a single log in the method, the site being visited by a conversation with the provider of the account identification. The site will ask for verification for some information, and account providers respond to the signal "ok" or "no".

In one of the defects found, not all sites that come up to confirm that the verification of OpenID, have included all the requested confirmation. Eg first name, surname and email address.The researchers had access to the verification request, remove one of the requested information (eg email address), and easily put it back with "ok" from OpenID.

It gives hackers a way that does not control the email address to the site user account, can still log in and infiltrate. This also means that potentially the purchase using a compromised account.

therefore be careful when transacting online, and always be vigilant when using the internet as your medium for buying and selling online or just alone. This article may be useful to the reader thanks

{ 1 comments... read them below or add one }

vijay kumar goyal said...

Interesting and beautiful blog lovely presentation thanks for sharing your views. please keep this
we24support-tumblr
we24support@1 888 399 9656
we24support
we24support-webeden
we24support-123freehost

Post a Comment

Related Posts Plugin for WordPress, Blogger...