[thelist] Usernames and Passwords
Lee Kowalkowski
lee.kowalkowski at googlemail.com
Tue May 1 11:32:04 CDT 2007
On 01/05/07, Ken Snyder <ksnyder at coremr.com> wrote:
> Lee Kowalkowski wrote:
> Although Ebay could have remedied the situation by some better
> application logic, the heart of the problem is that email addresses are
> not unique over time.
Not unique in what way? You can't duplicate an email address like you
can't duplicate instances of cars (yet). Ownership can be
transferred, access can be shared, just like cars, but they are still
unique things. Usernames can change hands in a similar way.
eBay should have prevented registration with an existing email address
if they're using email addresses as unique identifiers.
> Anyway, just wanted to share my story on the woes of email address
> recirculation.
Thank you, it was useful to know. I think the actual victim is the
previous owner, it seems it was their security that was comprimised.
Which supports my stance that people who user their email addresses
for important things should protect them. Before letting such an
email address go, one should perhaps consider breaking these kind of
associations, like closing or properly updating related accounts.
--
Lee
More information about the thelist
mailing list