+---------- On Jan 27, Jerry Asher said: > So I figure out Dossy's aolscreen name, I cons together your daughters > name and guess your password, and then I get to steal your email.
A secure interface for changing your forwarding address must verify that you control both the old address (if it has no other way of verifying your identity) and the new address. The only reasonable way to do so is by sending passwords of some sort to both the old address and the new address, and requiring both passwords to be entered somehow before effecting the address change. If someone needs help implementing such a mechanism in AOLserver, I can provide some code. (I wrote it over a year ago for mail.mayoff.com.)
