Jump to content

Secure error messages in software systems

Add links
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by ANIL SADHWANI (talk | contribs) at 19:08, 6 February 2006. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
(diff) ← Previous revision | Latest revision (diff) | Newer revision → (diff)

LOOSE LIPPED SYSTEMS

Usually when you enter your username and password on any webite and if any of them is wrong it repsonds with "Invalid Username / Password". This type of a system makes itself a little less vulnerable to the attacks.

But imagine a system that would respond with "Invalid Username" or "Invalid Password". This makes it more vulnerable as the attacker would know that either the username he has enterred is right or the password that he is trying is correct. This makes the system more vulnerable because its a lilte Loose Lipped.

Such systems are called as Loose Lipped Systems.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Secure_error_messages_in_software_systems&oldid=38495722"