[mdlug] TigerDirect admins are clueless
Dan Pritts
danno at umich.edu
Thu Jul 26 12:18:51 EDT 2007
not their admins, their developers.
let's not fix our tangled mess of crappy code to prevent perl
metacharacters from causing a problem; let's just do a bandaid to
prevent people from using them in their passwords.
On Thu, Jul 26, 2007 at 12:03:39PM -0400, Jeff Hanson wrote:
> Dear Jeff Hanson,
>
> In an effort to improve security, we have eliminated certain
> previously allowed characters for use in the creation of a password.
> (Example: > < @ ')
>
> Our records indicated that one or more of these characters were used
> in your password. We have since reset your password.
>
> To retrieve your new password, simply click the link below and enter
> your email address ( jhansonxi at gmail.com ). We will immediately send
> you your new password. You may then update your password in the "My
> Account" page after logging in.
>
> Link to retrieve your new password:
> https://www.tigerdirect.com/cgisec/send_password.asp
>
> -------------------
> Guess what they're running:
> http://searchdns.netcraft.com/?host=tigerdirect.com
> _______________________________________________
> mdlug mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/listinfo/mdlug
danno
--
dan pritts
danno at umich.edu
734-929-9770
More information about the mdlug
mailing list