Topic: myopenid.com security flaw (Read 1872 times)
haha thats nothing, earlier this week i explained and demonstrated how easy it is to steal btc from there.
Please let's remember that myOpenID is only one of dozens of reputable Open ID providers. If your site accepts OpenID, you might consider advising users to avoid myOpenID, but there's absolutely no reason to avoid OpenID altogether. In fact, even if you don't trust any of the providers you find, with a little technical knowledge and a server, you can yourself become an OpenID provider (roll your own).
Hi,
I would like to point out that the title of the thread is a bit misleading. It is not an Intersango security flaw but one with myOpenID. I am not sure if myOpenID fixed the problem but as far as I know has never been an issue. Still the new version of Intersango does not rely on myOpenID
I would like to point out that the title of the thread is a bit misleading. It is not an Intersango security flaw but one with myOpenID. I am not sure if myOpenID fixed the problem but as far as I know has never been an issue. Still the new version of Intersango does not rely on myOpenID
Intersango relies on myopenid.com for user identification. However, it has been reported in the past that myopenid ids can vanish for no reason. It has been discussed here for example:
http://meta.stackoverflow.com/questions/88451/myopenid-account-mysteriously-vanished
Most disturbing of all, once your account is deleted it can be recreated by another person, and they can log into all the sites that rely on your id.
http://meta.stackoverflow.com/questions/88451/myopenid-account-mysteriously-vanished
Most disturbing of all, once your account is deleted it can be recreated by another person, and they can log into all the sites that rely on your id.
Jump to: