aboutsummaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
Diffstat (limited to 'doc')
-rw-r--r--doc/todo/emailauth.mdwn7
1 files changed, 4 insertions, 3 deletions
diff --git a/doc/todo/emailauth.mdwn b/doc/todo/emailauth.mdwn
index bd9428756..05b7f1177 100644
--- a/doc/todo/emailauth.mdwn
+++ b/doc/todo/emailauth.mdwn
@@ -31,13 +31,14 @@ A few points to make this more secure:
Still, this could be attacked:
* If an attacker can access a user's inbox, they can generate a new login
- link, and log in as them.
+ link, and log in as them. They are probably busy draining their bank
+ account by this method and not logging into some wiki though.
* If TLS is not used for the email transport, a MITM can snoop login links
- and use them.
+ and use them. Again probably more lucrative ways to exploit such a MITM.
* If https is not used for the login link, a MITM can intercept and proxy
web traffic and either steal a copy of the cookie, or use the login
link themselves without letting the user log in. This attack seems no
- worse then using password authentication w/o https, and the solution is
+ worse than using password authentication w/o https, and the solution is
of course https.
* If an attacker wants to DOS a wiki, they can try to get its domain, IP,
whatever blacklisted as a spam source.