Skip to main content
InfoSec aXioms
Ofer Shezaf contemplating the role & value of information security

You are here

Home

WHID 2003-3: User passwords could be stolid in Microsoft's Passport service

Share/Save

Additional information:

  • Microsoft faces huge fine over security [Zdnet, May 9 2003]
  • Microsoft Patches .NET Passport Hole [AnyNetwork, May 8 2003]
Attack Method: 
Weak Password Recovery Validation
Incident Outcome: 
Disclosure Only
  • Add new comment

Science or Religion?

  • Risk Management
  • Research Analysis
  • Solutions Accuracy
  • Open Source
  • Patents

Further Research

  • Defining a WAF
  • Detecting Credit Card Numbers in Network Traffic
  • Secure Development Life Cycle
  • Positive Security & Learning
  • Signatures & Negative Security

Presentations

  • Analysis Of The Web Hacking Incident Database (video)
  • Pen-testing RESTful Web Services
  • WAFs in the cloud
  • Wiki Security

  • About
  • Contact
  • Legal Stuff
Copyright © 2011 Ofer Shezaf.Theme by Kiwi Drupal Themes, based on Tarski project.