Security Advisories

Trustwave Press Releases

« Microsoft Patch Tuesday, June 2014 | Main | Setting HoneyTraps with ModSecurity: Adding Fake Hidden Form Fields »

10 June 2014


I would argue that if you are relying on email addresses and user ids as part of your "security" then your widgets are already broken. I'll bet I know your twitter user id and I'll bet you know mine :) If we could only get all apps to use two factor I think we would agree we would be much better off.

Speaking of usernames... = orenhafif =

WordPress accounts are an insane how-to-do-it-wrong example of all you explain above.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Your Information

(Name is required. Email address will not be displayed with the comment.)