tokens for account info in an extranet application, easily catches sql injection, brute force attacks, intellectual property theft...
It's pretty common to use basically the same principle to track junk mail address lists; i.e., use a variant of your name when you register for some service and then see what sort of mail (either postal or electronic) shows up with that telltale address.
m5x
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
