OpenLearning - Security
Contents
So I had forgotten my login credential to my OpenLearning account, so I had to do a password rese-
THIS EPISODE WAS BROUGHT TO YOU BY LASTPASS-
THE LAST PASSWORD YOU'LL EVER NEED TO REMEMBER.…
I used to use LastPass, but after their security was compromised in 2015, I switched to KeePass.
Yes, no actual passwords were stolen, but in the name of security, I decided to keep my password database offline.
So actually…THIS EPISODE WAS BROUGHT TO YOU BY KEEPASS -
THE LAST PASSWORD YOU'LL EVER NEED TO REMEMBER.
Anyway, so I had to do a password reset.
I put in my username in the password reset field.
But to my dismay…
My actual email account was displayed!!!
One could possibly say that this is a security concern.
It should probably say something like
“An email has been sent to the address associated with this account with instructions to reset your password”.
Of course, it could be helpful to those with several emails to specify which one.
What Microsoft does with their account verification process is to only display some of the letters.
i.e. to show m**ac***l@e****.acc****
Anyway so that was a tangent.
Pretty much, those emails never arrived in my inbox… (Or maybe, they were never sent! :o)
I ended up just copying my browser cookies from one machine to another!