Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

yahoo mail login security

from [Ace123] Network Security [Permanent Link]
Subject: yahoo mail login security
Date: Sun, 30 Apr 2006 13:25:37 +0530 
Clicking on "Why this is secure" link on the yahoo login page gives this:

"Yahoo! now submits your ID and password securely via SSL (Secure
Sockets Layer) encryption. This means that your personal information
is more secure every time you sign in.

In the past, Yahoo! used a challenge-response mechanism to protect
passwords using MD5. Passwords were scrambled using a one-way hash, so
that they could not be converted to clear text."


What could be the reasons why yahoo changed their login security mechanism?

-------------------------------------------------------------------------
Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. Change the way you think about application security testing - See for yourself. Download a Free Trial of AppScan 6.0 today!

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF
--------------------------------------------------------------------------


[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: cookies a fundamental threat?, chris m
Next by Date:  Googling or Google Hacking Security Conference slides, newslist@security-briefings.com
Previous by Thread:  Re: cookies a fundamental threat?, chris m
Next by Thread:  Re: yahoo mail login security, Andrew van der Stock
Indexes:  [Date] [Thread] [Top] [All Lists]