Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

+ - University password website wide open for 3 years-> 1

Submitted by
An anonymous reader writes "The University of Maryland's student newspaper reported today that the school's password change website allowed malicious users to change the password of any university student or faculty/staff member until this weekend. The website requires users to answer "security questions" and enter their social security number and birth date, but the system didn't actually check those values, so an attacker could have changed passwords to get access to any password-protected university service. The website has been operational for three years, but the school's IT department says no one has exploited this vulnerability."
Link to Original Source

If you analyse anything, you destroy it. -- Arthur Miller

Working...