‘Forgot your password?’ may be weakest link in web security
Almost everyone forgets a Web site password once in a while. When you do, you click on the familiar Forgot your password? link. As an experiment, Thompson recently asked a few friends for permission to “hack” into their bank accounts. Using only information gathered from Web sites such as Facebook, he found his way in to each account within minutes
read more | digg story
