Thread: Wordpress Blog Hijacked?
View Single Post

  #3 (permalink)  
Old 27-06-2008, 11:17 AM
Cormac's Avatar
Cormac Cormac is offline
Cormac Moylan
Recent Blog: ?10 .ie domains from Blacknight - One Day Only!
  
Join Date: Jan 2006
Location: Baile Ath Cliath / Corcaigh
Posts: 1,252
Nominated 0 Times in 0 Posts
TOTW/F/M Award(s): 0
Cormac has much to be proud ofCormac has much to be proud ofCormac has much to be proud ofCormac has much to be proud ofCormac has much to be proud ofCormac has much to be proud ofCormac has much to be proud ofCormac has much to be proud ofCormac has much to be proud of
Send a message via AIM to Cormac Send a message via MSN to Cormac Send a message via Yahoo to Cormac Send a message via Skype™ to Cormac
Default
I don't get it. Why would somebody use SMS instead of something like email to two step authenticate their login?

Who pays for the text message?
What if the SMS server is down? - Can I still login?
What does the plugin author do with my mobile number?

There are other ways to get hijacked other than simple username/password breaches. Just use SSL on your login page if you are concerned about u/p sniffing.
__________________
blog | Geansaí Gorm - Written entirely in, awful, Irish! | Me on Blue Jumpers
*
Reply With Quote