Posted on Mon, Apr 23, 2007:
As part of our ongoing commitment to your data security, password verification is now required for sensitive operations.
The main thing your users (and you) will notice is that they need to verify their own password when editing their account. This will mitigate the risk in this scenario:
- You log on from a public terminal.
- You leave the terminal, forgetting to log off.
- A bad guy notices this, goes to your account, and tries to change your password so that he can continue using your account from another computer.
- The bad guy fails, because he doesn't have your current password.
- The bad guy keeps using the account, but only on that machine, and only until you log on from another computer, which will boot him off for good.
This applies to all users, but in particular administrators. We've also required passwords to do sensitive operations, such as editing another user's account and assigning administrative rights. This way, if an administrator leaves himself logged in, the bad guy can't create his own account and assign himself unrestricted administrative rights through your orphaned login.
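The mechanism described above (a valid session is not enough for sensitive operations; the caller must also present the current password, and a fresh login elsewhere ends the orphaned session) can be sketched as follows. This is an added, self-contained example, not the site's own code: the in-memory `AccountService`, the user names, passwords and PBKDF2 round count are all constructed for the demo, and `run_scenario()` replays the public-terminal scenario from the post and returns what each step achieved.

```python
import hashlib
import hmac
import os
import secrets

PBKDF2_ROUNDS = 200_000  # constructed value for the demo; tune for your hardware


class ReauthRequired(Exception):
    """Sensitive operation attempted without proving the current password."""


class Forbidden(Exception):
    """Caller has no valid session or lacks the rights for the operation."""


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


class AccountService:
    """In-memory account store plus a session table (constructed for the demo)."""

    def __init__(self) -> None:
        self.users = {}     # username -> {"salt": bytes, "hash": bytes, "admin": bool}
        self.sessions = {}  # session token -> username

    def create_user(self, name: str, password: str, admin: bool = False) -> None:
        salt = os.urandom(16)
        self.users[name] = {"salt": salt, "hash": _hash_password(password, salt), "admin": admin}

    def _verify_password(self, name: str, password: str) -> bool:
        user = self.users[name]
        candidate = _hash_password(password, user["salt"])
        return hmac.compare_digest(candidate, user["hash"])  # constant-time comparison

    def _invalidate_sessions(self, name: str, keep: str = "") -> None:
        """Drop every session belonging to `name` except the one in `keep`."""
        for token in [t for t, u in self.sessions.items() if u == name and t != keep]:
            del self.sessions[token]

    def login(self, name: str, password: str) -> str:
        if name not in self.users or not self._verify_password(name, password):
            raise Forbidden("bad credentials")
        # Logging on from another computer boots any orphaned session off for good.
        self._invalidate_sessions(name)
        token = secrets.token_urlsafe(32)
        self.sessions[token] = name
        return token

    def _actor(self, token: str) -> str:
        if token not in self.sessions:
            raise Forbidden("no valid session")
        return self.sessions[token]

    def change_password(self, token: str, current_password: str, new_password: str) -> None:
        name = self._actor(token)
        # Holding a session is not enough: the caller must know the current password.
        if not self._verify_password(name, current_password):
            raise ReauthRequired("current password required")
        salt = os.urandom(16)
        self.users[name].update(salt=salt, hash=_hash_password(new_password, salt))
        self._invalidate_sessions(name, keep=token)  # other machines lose access

    def set_admin(self, token: str, current_password: str, target: str, admin: bool) -> None:
        name = self._actor(token)
        if not self.users[name]["admin"]:
            raise Forbidden("administrator rights required")
        if not self._verify_password(name, current_password):
            raise ReauthRequired("current password required")
        self.users[target]["admin"] = admin


def _attempt(fn, *args) -> str:
    """Run an operation and report 'allowed' or the name of the refusal raised."""
    try:
        fn(*args)
        return "allowed"
    except (ReauthRequired, Forbidden) as exc:
        return type(exc).__name__


def run_scenario() -> dict:
    """Replay the orphaned-login scenario from the post; all names are constructed."""
    svc = AccountService()
    svc.create_user("alice", "correct horse battery", admin=True)
    svc.create_user("mallory", "mallory-pass")  # ordinary account the intruder already has
    results = {}
    terminal = svc.login("alice", "correct horse battery")  # left logged in on a public terminal
    # The intruder holds the session but not the password.
    results["intruder_changes_password"] = _attempt(svc.change_password, terminal, "guess", "pwned")
    results["intruder_grants_admin"] = _attempt(svc.set_admin, terminal, "guess", "mallory", True)
    results["mallory_is_admin"] = svc.users["mallory"]["admin"]
    results["orphaned_session_still_valid"] = terminal in svc.sessions
    home = svc.login("alice", "correct horse battery")  # alice logs on from home
    results["orphaned_session_after_relogin"] = terminal in svc.sessions
    results["alice_changes_password"] = _attempt(svc.change_password, home, "correct horse battery", "new pass")
    results["new_password_works"] = bool(svc.login("alice", "new pass"))
    return results


if __name__ == "__main__":
    for step, outcome in run_scenario().items():
        print(f"{step}: {outcome}")
```

The two checks are deliberately separate: `_actor` answers "is this a live session?" while `_verify_password` answers "does the caller know the password right now?". Only the second stops someone who walked up to an unattended terminal, which is why it is required on the password change and on the admin grant rather than on every request.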