Brian's Blog

…one man's contribution to the Weeeeerly Wild World

Forgot your password? – what gets revealed…

I don’t know where to go with this, but the crux of this issue is this:

Go to a website where you have an account, be it an e-mail account, social networking website, or online auction site etc. Go to sign in but click the link to say you forgot your password. Lots of websites will require your e-mail address at this stage.

What can happen next, depending on the website and what settings/details are in place, might be a little concerning, or a lot, but with some, by giving ‘your’ e-mail address, some concerning details can be presented. Some websites show ‘your’ phone number (to text a reset code to for example), others will present ‘your’ full name (so you can be sure you’re trying to sign into the correct account).

This is all concerning stuff, because what if someone else puts in your e-mail address and clicks the ‘forgot password’ link? The point is, if someone knows your e-mail address (which might be all you want to reveal to a stranger), they can possibly find out such details as your phone number or full name, which you might not be happy about having shared.

Some websites are more considerate about presenting such details of yours as they might only show the last few digits of your phone number, for example, which is enough for you to be sure it’s the right one.

I have seen a popular e-mail service show a full phone number (which I have tried contacting them about with no reply), and I have seen Google show someone’s full name.

Delving into the (privacy) settings of that account may help you to opt out of certain things, although it has been common for a while for some websites to ask to use your phone number as a security step. In one case I looked at, there were options, but they proved useless and the leak remained (there can also be discrepancies between old and new accounts).

What does the “Forgot your password?” question tell the world about you?

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Information

This entry was posted on 25 August, 2014 by in Internet and tagged , , , , , , , , , .
%d bloggers like this: