Topics
Tags
Favorite Links
Translate
Pick Your Language
Security Books
Archives
Recent entries...
Twitter
Sponsored Ads
Popular Pages
Sponsored Ads
The Web Security Mailing List

« Results of the Web Application Security Professionals Survey Available | Main | Rich data: the dark side to Web 2.0 applications »

Utilization of the same credentials across various sites

For years people have been getting their online accounts compromised due to phishing as well as via  brute force attacks due to poorly chosen passwords. We also know that people tend to share the same credentials across multiple sites however I haven't seen any concrete research/metrics on how commonplace this is or the depth of information an attacker can gather using this approach. The difficulty with this type of research is that the only way you can tell is

A. You're testing each of these sites, each being its own felony and highly illegal.

B. You're an owner of one of these sites working with the others to correlate this in a safe non privacy infringing manner.

Does anyone know of anybody doing something like this or a published report?

Posted by Robert A. on 07/30/2008 in Rant | Permalink | Reddit

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.


All Comments are Moderated and will be delayed!


Post a comment







Remember personal info?


Copyright 2000-2009 CGISecurity.com | Privacy Policy| java mailing list| resolve ip| Mailing Lists | Sony deals