[standards-jig] JEP-0077 Password Changing Security Flaw

Matthias Wimmer m at tthias.net
Fri Jan 23 08:26:53 UTC 2004


Hi JD!

JD Conley schrieb am 2004-01-22 20:29:20:
[...]
> Comments?

I like it that you do not have to enter the old password. At my server
you could help many users that had forgotten their password but still
hat a client that stored it to get a password back by telling them how
they can change the password.


Tot kijk
    Matthias

-- 
Fon: +49-(0)70 0770 07770       http://matthias.wimmer.name/
HAM: DB1MW                      xmpp:mawis at charente.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20040123/e93d8e2a/attachment.sig>


More information about the Standards mailing list