posted by Kravvitz at 3:51 PM on Feb. 16th, 2011

I don't often write about security (other than to remind various people of the need to always validate form submissions on the server), because despite its extreme importance it's not one of my specialties. However, recently I've had a disturbing thought about the utmost importance of keeping your email accounts secure.

You see, if someone were to gain unauthorized access to an email account, he could look through the messages to see which sites the account has been used to sign up for, and then on many of those sites the "forgot my password" form could simply be used to request that the password be emailed to him. This means one breach has the potential to lead to dozens of further breaches.

One simple thing that might help a little, which I seem to remember seeing used on some sites, is to ask the user to provide both the username and the email address. Of course, if the username appears in the email messages, then this wouldn't be much help. Nor would it always help otherwise, because sometimes the username is the same as the "local-part" (the part before the "@") of the email address, and on other sites it isn't possible at all because they use the email address as the username.

So do you have any suggestions as to what might be a good way to maintain the convenience of being able to recover a lost password and yet mitigate this threat of unauthorized access to multiple accounts as a result of a security breach of an email account?
