Watch out: don’t lose your passwords when you sign up online

June 28, 2017


Who would have thought that by providing registration information on one site, you could make other online accounts vulnerable? That’s exactly what Dr Nethanel Gelernter and other researchers at the Israeli College of Management Academic Studies demonstrated in their paper, “The Password Reset MitM Attack”, presented at the 38th IEEE Symposium on Security and Privacy.

In their paper, the researchers show how Facebook, Google and others are vulnerable to the password reset man-in-the-middle (PRMitM) attack. Here’s how it works:

