---

Home Security

CNET News.com: Hotmail hole raises larger security issues

By

“A security hole discovered yesterday in Microsoft’s MSN Hotmail
calls into question the free email service’s practice of allowing
users to log on from any Web page, security experts said.”

“While Netscape, Yahoo, and other free email services direct
users to specific login Web sites, Hotmail allows users to access
their accounts from any Web page. A simple login HTML form or
Javascript, which appears on the Web page as a box for the username
and password, is all that is needed. Many Web sites offer this
service.”

” ‘I think [login programs are] a big mistake, said Richard
Smith, president of Cambridge-based Phar Lap Software. ‘If you log
in from somebody else’s Web page, they can equally bug the message
to grab your username and password.’ “

“The only solution, said security experts, is to restrict login
access to a central page.”

Complete
Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.