Wednesday, March 8, 2006

More Google Authentication Flaws

Garett Rogers reports that by sharing the URL you get after logging in to the Google Page Creator, you may inadvertedly also allow others to get into your Page Creator account... without ever having to enter your password. (I could reproduce this problem.) This security flaw is related to a previous one for Google’s book search, which also had the “auth” parameter in the URL. Just to be sure, if you ever see this “auth” parameter in your URLs, remove it before sending the URL to anyone.

More Google Authenticatio ... by Philipp Lenssen | Comments (5)

>> More posts

Advertisement