Tuesday, January 19, 2010

flaws in our email service? be careful..

just now i just playing around with a mail after capek tell a story about his friend's email had been compromised..

what i had founded was quite shocking.. it was very easy to change others password just by having their ID..

it starts here.. I just click on I can't access my account link..

Then choose My account may have been compromised.. And click next..

complete some easy captcha n email id..

complete easy form..

finally i got an email..

maybe i miss something that make this system secure in other way.. because this is just my simple lazy experiments..(thats why my English is bad also) please add any if there are any, my friends..

No comments: