Re: [OT]Yahoo mail
David Pastern <david@scsenterprises.com.au> writes:
> Well that's cos Yahoo is *ucked - I won't use or recommend their services
> ever again. I just had my ex g/f crack my yahoo account, because of a
> weakness in their setup. When you forget a p/w, you can do the secret
> question routine, and if someone knows you well enough there's a chance that
That's why you should never let anyone get to know you that well :-P
> they'll guess it and be able to force a request of p/w. In itself nothing
> too bad, but when the new p/w is posted on the *ucking webpage (instead of
> being mailed to a registered account)...then that cracker can easily just
> change your p/w and log on and do what they want. The result:
>
Yes, that is a pretty serious security flaw. However, I think they
probably do it because the "real" address people sign up with isn't
always valid when they request a password change (I know the one I
supplied when I singed up for mine isn't valid anymore, and I've decided
to leave it that way... which, after reading your post, might not be such
a good thing).
Anyway, sorry about your trouble and I hope you're able to continue
using Debian.
I'll digress from this, now hopelessly offtopic, thread.
Reply to: