Re: serious security issue #login


Nivard Ovington
 

I don't think anyone raised it as it very likely didn't happen

Has anyone here ever received a log in message without asking for it?

I certainly haven't and no one has ever mentioned it to me

I would lay odds that the subscriber whose link it was, inadvertently clicked the link without realising what it did (or ooh what does that do?)

Then they received a log in link and not realising what it was, forwarded it to the admin and as it was within 24 hours they managed to log in

I do not see it as a security risk, I see it as ignorance on the part of the users

Nivard Ovington in Cornwall (UK)

On 18/05/2020 15:07, Chris Jones via groups.io wrote:
On Sun, May 17, 2020 at 03:57 PM, Peter Cook wrote:
In response to replying to a group post, one of my members received
this.
I may have overlooked something that someone has posted but IMHO the oddity in this case is that it was sent out when it neither needed to have been or should have been. As the link was applicable to the account of the person to whom it was originally sent  - albeit for reasons unknown and not obviously explicable - then there was /no/ immediate risk to a member's security.

Join GroupManagersForum@groups.io to automatically receive all group messages.