Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] webmail password protection?



On 25/01/06, David J Iannucci <jlinux@example.com> wrote:

> When I log in, rather than typing, I copy and paste characters off the
> text on the login page (to thwart keyloggers).

Great hack!

> I might be very naive, but I figure this is safe enough to use almost anywhere.

Probably true. As you have noted, you are not safe from a determined
attacker, who will just snag the username and password from the
machine's memory when the browser gets ready to submit it (even though
the *connexion* may be HTTPS, the local machine will have the
plaintext!), or van Eck[1] it .

-Josh

[1] http://en.wikipedia.org/wiki/Van_Eck_phreaking

Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links