Comments on: IE & Firefox Both Effected by Fake Login Flaw http://www.darknet.org.uk/2006/12/ie-firefox-both-effected-by-fake-login-flaw/ Ethical Hacking, Penetration Testing & Computer Security Thu, 20 Nov 2008 13:44:30 +0000 http://wordpress.org/?v=2.6.3 By: chris http://www.darknet.org.uk/2006/12/ie-firefox-both-effected-by-fake-login-flaw/#comment-54794 chris Thu, 08 Feb 2007 23:00:34 +0000 http://www.darknet.org.uk/2006/12/ie-firefox-both-effected-by-fake-login-flaw/#comment-54794 I did a search on this cause I knew someone would do it, fed by a bit of paranoia on my part. <b>The simplest way to fix it is...</b> In the Password Remember options; the user selects or types something that should be shown every time the box comes up... eg. Welcome message [H3ll0 Cr4zy M4n!] Thus, if you don't see that in the global password request box then you would know it's a phis attempt :) Is that the best solution or what<b><code><em>?</em></code></b> I did a search on this cause I knew someone would do it, fed by a bit of paranoia on my part.

The simplest way to fix it is…
In the Password Remember options; the user selects or types something that should be shown every time the box comes up…
eg. Welcome message [H3ll0 Cr4zy M4n!]

Thus, if you don’t see that in the global password request box then you would know it’s a phis attempt :)

Is that the best solution or what?

]]>