Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

webappsec logo WebApp Sec mailing list archives

yahoo mail login security
From: Ace123 <flace9 () gmail com>
Date: Sun, 30 Apr 2006 13:25:37 +0530
Clicking on "Why this is secure" link on the yahoo login page gives this:

"Yahoo! now submits your ID and password securely via SSL (Secure
Sockets Layer) encryption. This means that your personal information
is more secure every time you sign in.

In the past, Yahoo! used a challenge-response mechanism to protect
passwords using MD5. Passwords were scrambled using a one-way hash, so
that they could not be converted to clear text."


What could be the reasons why yahoo changed their login security mechanism?

-------------------------------------------------------------------------
Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application
security testing suite, and the only solution to provide comprehensive
remediation tasks at every level of the application. Change the way you
think about application security testing - See for yourself.
Download a Free Trial of AppScan 6.0 today!

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF
--------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]