TO WHOM IT MAY CONCERN (IT, Internet, Technical and CyberSecurity Communities) – more experiences with web profiles –

Often I come across a situation where my login credentials stop and are not accepted on web sites login page and requires password reset. I provide my email address in the dialog box and instructions to reset are received in the inbox, click the link, follow the instructions and it gets fixed.

However if someone in the back ground on the server changes email address to a unknown address, the instructions and the password will go to some one else’s inbox. In such situation one loses the profile (may or may not be critical, but is a serious matter). If the profile owner/creator changes email address to an alternate known email address is perfectly okay, but to change the email adress of some one’s profile with the intention to take it over is very wrong and should be illegal by law (CyberSecurity should look into such practices).

At times my profiles become inaccessible even if correct password. What could be the reasons. Perhaps some one changes the email address in the background and system fails to recognise my email address for password recovery. It is hard to imagine that businesses would be involved in such activities which can cause lot of trouble for the original owners. It is a very petty and unethical way to take over others work.

Now adays android phones have sensor for finger prints to identify the authentic person to login, so manufacturer should consider to incoporate (or as an external add on) such biometric sensors in other devices and computers for authentication and login. It would be unwise just to rely on email and password, which is a very week autentication method.

publishd by

KHALID MAHMOOD

M01684340561220

plus code 86M265J2+76

ph:(289)990-6590

2-671 Fennell Ave. East,

Hamilton Ontario L8V1V3

Leave a Reply