Issue metadata
Sign in to add a comment
|
Major Security breach (Gmail ignores dot)
Reported by
low...@gmail.com,
Apr 30 2018
|
||||||||||||||||||
Issue descriptionsince a while I'm having troubles with instagram, my password is modified by someonelse... Looking forward to this, i've discovered that an email@ gmail.com can be used with a 'dot' in the middle and it is still sent to the 'not dot email' : example: my mail : lowliv@gmail.com can be used for login to a website. a Hacker can create a mail like low.liv@gmail.com (with another name and surname) and the mail will be the same! I can send emails to all my google's account adding a '.' in and I still receiving the mail. So If I want to hack an account using gmail, I just have to create a similar account but with a 'dot (.)' inside and I will be able to reset any password! Well done ! (i'm waiting on a feedback from your team ) Kind Regards Lowliv
,
Aug 6
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||
Comment 1 by elawrence@chromium.org
, Apr 30 2018Status: Duplicate (was: Unconfirmed)
Summary: Major Security breach (Gmail ignores dot) (was: Major Security breach)