Archives for the Date April 30th, 2007

Forgotten password

The easiest avenue into a site I’ve been writing an email web application recently and I have been thinking about making the forgotten password feature more secure as it is often the easiest avenue for an attacker to get into your web site. The major issue with these features is information disclosure, for example if […]