BT mail security issue :: BT Broadband

User comments on ISPs
>> BT Broadband

Pages in this thread: 1 | [2] | 3 | (show all)

Print Thread

MrSaffron
(staff) Fri 25-Nov-11 08:38:47

Re: BT mail security issue

[re: deleted] [link to this post]

http://www.pcpro.co.uk/news/security/371347/mysterio...

Yahoo which is the core bit of BT email, so not your PC, but suggestion is a brute force dictionary attack

Andrew Ferguson, [email protected]
www.thinkbroadband.com - formerly known as ADSLguide.org.uk

The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.

Zadeks
(committed) Fri 25-Nov-11 09:29:15

Re: BT mail security issue

[re: deleted] [link to this post]

Switch to gmail. Use a strong password with two factor authentication.

RobertoS
(sensei) Fri 25-Nov-11 09:35:45

Re: BT mail security issue

[re: Zadeks] [link to this post]

The article also says gmail is at risk.

Further investigation reveals similar issues are being reported by Gmail and Yahoo Mail users, with thousands of forum complaints about the issue over the last month.

My broadband basic info/help site - www.robertos.me.uk
My domains,website and mail hosting - Tsohost. Internet connection - IDNet Home Starter Fibre. Live BQM.

"Where talent is a dwarf, self-esteem is a giant." - Jean-Antoine Petit-Senn.

Zadeks
(committed) Fri 25-Nov-11 10:13:28

Re: BT mail security issue

[re: RobertoS] [link to this post]

Read up on Google's two factor authentication.

http://googleblog.blogspot.com/2011/02/advanced-sign...

deleted
(deleted) Fri 25-Nov-11 11:12:43

Re: BT mail security issue

[re: Zadeks] [link to this post]

Looks good, but it does all depend on you having a mobile phone ...

Some of us don't use them ... so what do we do to gain extra security????

Bah, Humbug!

Rob

Zadeks
(committed) Fri 25-Nov-11 11:14:13

Re: BT mail security issue

[re: deleted] [link to this post]

You can use a land line instead.

deleted
(deleted) Fri 25-Nov-11 11:40:24

Re: BT mail security issue

[re: Zadeks] [link to this post]

Aha, thanks ... the blurb does not mention that ... useful to know ... not a lot of good if you are trying to read your mail out of the home wink

But, I guess it's better than nothing ... and you can use the "don't ask again for 30 days" thing).

Too much reliance on people owning/using mobiles (and things like twatter etc).

Yet another example of the digital divide - a great concern once you think about the elderly.

Rob ( ex-programmer, who crashed his first machine in 1966, an Elliot Automation 803 !!)

XRaySpeX
(eat-sleep-adslguide) Fri 25-Nov-11 13:29:43

Re: BT mail security issue

[re: Zadeks] [link to this post]

In reply to a post by Zadeks:
You can use a land line instead.

Are you sure? Not many landline handsets do SMS.

Mine does, but every site I've used that wants a phone to send SMS security/confirmations will not accept a landline #.

1999: Freeserve 48K Dial-Up => 2005: Wanadoo 1 Meg BB => 2007: Orange 2 Meg BB => 2008: Orange 8 Meg LLU => 2010: Orange 16 Meg LLU => 2011: Orange 19 Meg WBC

Zadeks
(committed) Fri 25-Nov-11 13:30:45

Re: BT mail security issue

[re: XRaySpeX] [link to this post]

It comes as a voice call and the robot reads out the code.

deleted
(deleted) Fri 25-Nov-11 13:48:06

Re: BT mail security issue

[re: orly] [link to this post]

The problem with that it that is can create a DoS attack vector.

The authentication system in our apps does this, unlocking the account after an hour to avoid admin intervention being required unless the user needs to login during that one hour window. It isn't difficult to implement but I can see why a large ISP might not want to: they might get lots of people phoning up to have their account unlocked either because they've got the password wrong themselves a few times or a brute force attempt has happened (support staff are not a free resource).

Pages in this thread: 1 | [2] | 3 | (show all)

Print Thread

Jump to