Personal information leakage during password recovery of internet services

Mordechai Guri, Eyal Shemer, Dov Shirtz, Yuval Elovici

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

In this paper we examine the standard password recovery process of large Internet services such as Gmail, Facebook, and Twitter. Although most of these services try to maintain user privacy, with regard to registration information and other personal information provided by the user, we demonstrate that personal information can still be obtained by unauthorized individuals or attackers. This information includes the full (or partial) email address, phone number, friends list, address, etc. We examine different scenarios and demonstrate how the details revealed in the password recovery process can be used to deduct more focused information about users.

Original languageAmerican English
Title of host publicationProceedings - 2016 European Intelligence and Security Informatics Conference, EISIC 2016
EditorsJoel Brynielsson, Fredrik Johansson
Pages136-139
Number of pages4
ISBN (Electronic)9781509028566
DOIs
StatePublished - 2 Mar 2017
Event7th European Intelligence and Security Informatics Conference, EISIC 2016 - Uppsala, Sweden
Duration: 17 Aug 201619 Aug 2016

Publication series

NameProceedings - 2016 European Intelligence and Security Informatics Conference, EISIC 2016

Conference

Conference7th European Intelligence and Security Informatics Conference, EISIC 2016
Country/TerritorySweden
CityUppsala
Period17/08/1619/08/16

Keywords

  • Information leakage
  • Password recovery
  • Personal information
  • Privacy
  • Security internet services

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Information Systems
  • Safety Research
  • Communication
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'Personal information leakage during password recovery of internet services'. Together they form a unique fingerprint.

Cite this