Hi
I'm reviewing a web based blogging service. Currently on sign up, the
user has to enter a username, a display name and an email address. I
suggest that that username be replaced by the user's email address.
(from any email, say yahoo, gmail, hotmail, rediffmail, etc)
How would this impact the security of the product?
Get the feed