EarthSystemCoG / COG

COG source code
BSD 3-Clause "New" or "Revised" License

Do not display user openid, username inline #1316

Closed LucaCinquini closed 7 years ago

LucaCinquini commented 8 years ago

Who: NOAA security

The "Forget Openid" functionality allows a user to retrieve their openid and username if they provide their email. Currently, this functionality both emails the information to the user and displays it online. The online display could be used to guess user credentials and execute a brute-force attack.

LucaCinquini commented 8 years ago

The online display of information has been removed - the information is just sent by email now.

murphysj commented 7 years ago

Can't see this in action because we need an IDP but I see in the code the extra text has been removed.
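
A minimal sketch of the change this issue describes, added here as an illustration and not taken from the COG code base: the first handler displays the identifiers as well as emailing them, the second only emails them. It goes one step beyond the issue by also returning the same page for unregistered addresses; every function name and the sample account are constructed.

```python
# Added illustration; all names are hypothetical, not COG's own code.

# Constructed sample account store: email -> (username, openid)
USERS = {
    "alice@example.org": ("alice", "https://idp.example.org/openid/alice"),
}

GENERIC_REPLY = "If that address is registered, a reminder has been sent to it."


def send_reminder(outbox, email, username, openid):
    # Stand-in for a mail backend: only the mailbox owner sees this text.
    outbox.append((email, f"username: {username}, openid: {openid}"))


def remind_inline(email, outbox):
    """Behaviour the issue reports: email the data and also display it."""
    key = email.strip().lower()
    record = USERS.get(key)
    if record is None:
        return "No account found for that email."
    send_reminder(outbox, key, *record)
    return f"Your username is {record[0]} and your openid is {record[1]}"


def remind_email_only(email, outbox):
    """Email-only behaviour: the page shown never depends on the lookup."""
    key = email.strip().lower()
    record = USERS.get(key)
    if record is not None:
        send_reminder(outbox, key, *record)
    return GENERIC_REPLY


def audit(handler):
    """Report what the on-screen reply reveals to whoever submits the form."""
    outbox = []
    known = handler("alice@example.org", outbox)
    unknown = handler("nobody@example.org", outbox)
    username, openid = USERS["alice@example.org"]
    return {
        "discloses_identifier": username in known or openid in known,
        "distinguishes_accounts": known != unknown,
        "emails_sent": len(outbox),
    }


if __name__ == "__main__":
    print("inline:    ", audit(remind_inline))
    print("email only:", audit(remind_email_only))
```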