Torrent Invites! Buy, Trade, Sell Or Find Free Invites, For EVERY Private Tracker! HDBits.org, BTN, PTP, MTV, Empornium, Orpheus, Bibliotik, RED, IPT, TL, PHD etc!



Results 1 to 2 of 2
  1. #1
    It's Alright,You Heard?
    whiteLight's Avatar
    Reputation Points
    214616
    Reputation Power
    100
    Join Date
    Aug 2014
    Posts
    9,269
    Time Online
    462 d 3 h 45 m
    Avg. Time Online
    3 h 9 m
    Mentioned
    2378 Post(s)
    Quoted
    807 Post(s)
    Liked
    12475 times
    Feedbacks
    440 (100%)

    On-Demand passwords and e2e encryption source code Launched by Yahoo

    Yahoo made two major announcements this week regarding its security protocol. One was the launching of the new “on-demand” password service and the other was the release of Yahoo mail’s end-to-end encryption source code that is available on GitHub.

    The product management director for Yahoo, Chris Stoner, explained that the company’s on-demand password service is aimed at making the logging-in procedure “less anxiety-inducing.”

    Basically, users won’t have to use a pre-determined password for logging-in to their accounts but Yahoo will send them text messages containing verification code.


    Evidently, this new system of logging-in into Yahoo accounts is different from the two-factor authentication process. Two-Factor process comprises of two different forms of account login which generally involve a text message password. However, the on-demand system will only rely upon one factor authentication system, according to Yahoo’s Blog Post.

    This technology is definitely not new for email users and Yahoo is certainly the first one to have introduced it either. However, Yahoo’s spokesperson stated that it is “still a relatively new trend in the industry, so we’re excited to be leading on this for our users.”

    From the outlook, this phasing out of passwords appears exciting specifically to the security community. But, various professional experts have identified it’s probably security lapses. Particularly, the password program ignores the threat of mobile malware and the probability of a mobile device being compromised.

    Tripwire’s director of product management, security and IT risk strategist, Tim Erlin, states that “While Yahoo is lifting the burden of remembering a password, they are maintaining a single target for compromise: your SMS messages. Malware on your phone could be used to grab those SMS messages and then have full access to your account.”

    Moreover, both on-demand and two-factor authentication systems are exclusive and therefore users will be required to choose between the two.

    Simultaneously, John Bradley, Ping Identity’s senior technical architect, believes that this movenwill optimize account recovery and receiving a new password every time through SMS will be more secure than via email.

    Currently, only US-based users can use this feature.

  2. #2
    User fernando789's Avatar
    Reputation Points
    210
    Reputation Power
    39
    Join Date
    Feb 2014
    Posts
    36
    Time Online
    2 d 21 h 16 m
    Avg. Time Online
    1 m
    Mentioned
    2 Post(s)
    Quoted
    18 Post(s)
    Liked
    1 times
    Feedbacks
    0
    So, in the future each email will be attached to a phone #... no more 10 emails per user I guess.. unless they allowed the same mobile # to have more than one email.. also, what if my phone # was changed, I remember 5 years ago the phone provider where I live added "5" before the mobile # for all lines, lol, what if this happend all the sudden? I think yahoo are losing it.


Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •