Security News > 2017 > June > Password Reset MITM: Exposing the need for better security choices (Help Net Security)

Attackers that have set up a malicious site can use users’ account registration process to successfully perform a password reset process on a number of popular websites and messaging mobile applications, researchers have demonstrated. The Password Reset MITM attack The Password Reset Man in the Middle (PRMITM) attack exploits the similarity of the registration and password reset processes. To launch such an attack, the attacker only needs to control a website. To entice victims to … More →

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/IbYnsU5PlKE/