Facebook and Yahoo prevent use of recycled email addresses to hijack accounts

Facebook and Yahoo have developed a mechanism to prevent the owners of recycled email addresses from hijacking accounts that were registered on other sites using those addresses in the past.

Last year, Yahoo announced a policy that involves deleting inactive email accounts and making their IDs available again for registration. Microsoft has been doing the same with Outlook.com accounts.

The practice of recycling email addresses has been criticized by security and privacy experts because it opens up the door to abuse. Attackers could register deleted addresses and take over accounts on third-party sites that use them for confirming password change requests. In addition, the recycled addresses might continue to receive messages containing sensitive information that is destined for their previous owners.

To read this article in full or to leave a comment, please click here

Read more: Facebook and Yahoo prevent use of recycled email addresses to hijack accounts

Story added 24. October 2014, content source with full text you can find at link above.