Yahoo has introduced a new approach to improve the security of user login. A "Prevent password theft" link is shown in the login dialog if you haven't set up the seal. Follow the link and you can create a sign-in seal for your computer. It can be a text message or an image.

After reading their help content on this new anti-phishing method, I guessed it's based on a cookie, and I confirmed my idea with a simple test.

The principle of the Sign-in Seal should be:

The user uploads an image or sends some text, with a chosen color.
The Yahoo server produces a small GIF image (less than 4 KB) from that information.

Yahoo stores a long unique code in a long-lived cookie (expiring after 30 years) on your computer. Every time your browser visits Yahoo, the cookie is sent back to Yahoo, and Yahoo looks up your image from the unique code and shows it on the login page.
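
The flow described above, sketched as an added example (not Yahoo's code): the server keeps a code-to-image table and hands the browser only the code in a 30-year cookie, so a login page served from any other host never receives the code and cannot show the seal. The cookie name `seal_id`, the host `login.example.test` and the simplified browser matching in `cookie_header_for` are assumptions made for illustration.

```python
import secrets
from http.cookies import SimpleCookie

SEAL_COOKIE = "seal_id"               # hypothetical cookie name
SEAL_DOMAIN = "login.example.test"    # placeholder for the real login host
SEAL_MAX_AGE = 30 * 365 * 24 * 3600   # "expiring after 30 years"
SEAL_MAX_BYTES = 4 * 1024             # seal GIF is less than 4 KB
_seals = {}                           # server-side store: code -> seal image

def create_seal(gif_bytes):
    """Store the seal and return the Set-Cookie value carrying its code."""
    if len(gif_bytes) >= SEAL_MAX_BYTES:
        raise ValueError("seal image must be under 4 KB")
    code = secrets.token_urlsafe(32)  # long, unguessable unique code
    _seals[code] = gif_bytes
    jar = SimpleCookie()
    jar[SEAL_COOKIE] = code
    jar[SEAL_COOKIE]["domain"] = SEAL_DOMAIN
    jar[SEAL_COOKIE]["path"] = "/"
    jar[SEAL_COOKIE]["max-age"] = SEAL_MAX_AGE
    jar[SEAL_COOKIE]["secure"] = True
    jar[SEAL_COOKIE]["httponly"] = True
    return jar[SEAL_COOKIE].OutputString()

def seal_for_request(cookie_header):
    """Login page: map the code sent by the browser to its seal, or None."""
    jar = SimpleCookie()
    jar.load(cookie_header or "")
    morsel = jar.get(SEAL_COOKIE)
    return _seals.get(morsel.value) if morsel else None

def cookie_header_for(host, set_cookie):
    """Simplified browser: send the cookie only to the host it was set for."""
    jar = SimpleCookie()
    jar.load(set_cookie)
    morsel = jar[SEAL_COOKIE]
    domain = morsel["domain"]
    if host == domain or host.endswith("." + domain):
        return f"{SEAL_COOKIE}={morsel.value}"
    return ""

if __name__ == "__main__":
    header = create_seal(b"GIF89a" + bytes(64))   # constructed sample seal
    print(header)
    print(seal_for_request(cookie_header_for(SEAL_DOMAIN, header)) is not None)
    print(seal_for_request(cookie_header_for("login.example-phish.test", header)))
```

Because the seal is tied to the cookie rather than to the account, it is per browser: clearing cookies or using another computer means no seal is shown until one is created again.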

hax