Thread: Secrurity Risk
View Single Post
Unread 27 Mar 2011, 13:28   #7
Influence
Finally retired
 
Join Date: Mar 2007
Posts: 788
Influence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to behold
Re: Secrurity Risk
Quote:
Originally Posted by DoDDy View Post
However, anyone with the know-how of obtaining your details would probably not bother with cracking PA to obtain them as there is no real financial gain from it.
The thing is that you don't need to crack PA in order to obtain unencrypted data from the datastream between the user and PA. You can use a simple packetsniffer to analyze the datapackets sent over the network. This is a practice that is commonly used on open and public (wireless) networks.

And given the fact that people allways use the same password (for reasons of ease) adding another 'fixed' field in the login process is frowned upon. Especially over unencrypted connections.
__________________
don't be an arse, join [TiT]

In the absence of the good old TiT alliance, look me up in VGN
Influence is offline   Reply With Quote