[development] OpenId open to phishing attacks.

Derek Wright drupal at dwwright.net
Wed Nov 7 06:28:57 UTC 2007

On Nov 6, 2007, at 8:28 PM, Augustin (Beginner) wrote:

> On Wednesday 07 November 2007 01:12, Steven Peck wrote:
>> In further news, social engineering still works.
> What do you exactly mean, in this context?

Phishing is inherently about tricking humans into compromising their  
own security.  OpenID isn't unique in this regard -- look at how well  
many phishing operations work, regardless of the underlying  
authentication mechanism.

-Derek (dww)

More information about the development mailing list