Author

Topic: myopenid.com security flaw (Read 1889 times)

full member
Activity: 224
Merit: 100
September 22, 2011, 05:16:46 AM
#4
haha thats nothing, earlier this week i explained and demonstrated how easy it is to steal btc from there.
full member
Activity: 218
Merit: 100
September 07, 2011, 01:08:09 PM
#3
Please let's remember that myOpenID is only one of dozens of reputable Open ID providers.  If your site accepts OpenID, you might consider advising users to avoid myOpenID, but there's absolutely no reason to avoid OpenID altogether.  In fact, even if you don't trust any of the providers you find, with a little technical knowledge and a server, you can yourself become an OpenID provider (roll your own).
member
Activity: 100
Merit: 10
September 01, 2011, 07:05:33 AM
#2
Hi,

I would like to point out that the title of the thread is a bit misleading. It is not an Intersango security flaw but one with myOpenID. I am not sure if myOpenID fixed the problem but as far as I know has never been an issue. Still the new version of Intersango does not rely on myOpenID
full member
Activity: 136
Merit: 100
July 12, 2011, 07:08:15 PM
#1
Intersango relies on myopenid.com for user identification. However, it has been reported in the past that myopenid ids can vanish for no reason. It has been discussed here for example:

http://meta.stackoverflow.com/questions/88451/myopenid-account-mysteriously-vanished

Most disturbing of all, once your account is deleted it can be recreated by another person, and they can log into all the sites that rely on your id.
Jump to: