I broke into your e-mail and need to get you to force a password reset on some o... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

justizin on June 16, 2015 | parent | context | favorite | on: KeePass – questionable security

I broke into your e-mail and need to get you to force a password reset on some other account, so I maliciously modify to give you an invalid stored password.

jokamoto on June 16, 2015 | [–]

If the attacker already has control of the email address, they can reset the account without going to such lengths--just visit the site and request a password reset.

negus on June 16, 2015 | [–]

Could you please provide more details on suggested attack?

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact