Tuesday, Tuesday, February 05, 2002, 12:01:50 PM, Robert L Mathews wrote:
> a) writing down this password for later use as their "password"; or
> b) not reading the message properly and trying to use their own
> "password" on the approval page.
I can verify that both of these events actually do occur, and
semi-regularly.
To be honest, I'd rather see the authorization "password" or code,
whatever you want to call it, passed as a part of the URL. The user
has to affirmatively approve the transfer on the next page anyway.
I know, I know, we've had that discussion in the past, I still think
it is a good idea :)
-- Best regards, William X Walsh <william@userfriendly.com> -- OpenSRS installation and customizations Payment Processing Integration Apache Installation and Support Services http://www.wxsoft.com/
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:37:03 EDT