Jump to content

Secure error messages in software systems

Add links
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Dcoetzee (talk | contribs) at 07:58, 7 February 2006 (moved Loose lipped systems to Secure error messages in software systems: Avoid neologism in favour of clearly invented name). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

This template must be substituted.

LOOSE LIPPED SYSTEMS

Usually when you enter your username and password on any webite and if any of them is wrong it repsonds with "Invalid Username / Password". This type of a system makes itself a little less vulnerable to the attacks.

But systems that respond with "Invalid Username" or "Invalid Password" are more vulnerable as attackers trying usernames or passwords know that either the username they've entered is right or the password they've entered is correct. This makes the system more vulnerable because it is somewhat Loose Lipped.

Such systems are called as Loose Lipped Systems.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Secure_error_messages_in_software_systems&oldid=38588446"