Saturday, July 9, 2016

Fake Passport Copy can hijack anyone's Facebook Account

BBC has the story. The confusion is that a scan of a passport is much easier to forge than an actual passport. This is a truly hard problem: how do you give people the ability to get back into their accounts after they've lost their credentials, while at the same time prohibiting hackers from using the same mechanism to hijack accounts? Demanding an easy-to-forge copy of a hard-to-forge document isn't a good solution.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.