- Original Message -
I see you have different error messages during login for:
invalid email address
user does not exist
invalid password
It might be better to return the same message for all so the hostile
hacker can't learn as much about your users.
Good point.
Marcin Soltysiak wrote:
- Original Message -
I see you have different error messages during login for:
invalid email address
user does not exist
invalid password
It might be better to return the same message for all so the hostile
hacker can't learn as much about your users.
- Original Message -
From: X-Istence [EMAIL PROTECTED]
Marcin Soltysiak wrote:
- Original Message -
I see you have different error messages during login for:
invalid email address
user does not exist
invalid password
It might be better to return the same
I see you have different error messages during login for:
invalid email address
user does not exist
invalid password
It might be better to return the same message for all so the hostile
hacker can't learn as much about your users.
Rick