@inproceedings{91c4433c631e40fda81aee2f02b67754,
title = "Personal information leakage during password recovery of internet services",
abstract = "In this paper we examine the standard password recovery process of large Internet services such as Gmail, Facebook, and Twitter. Although most of these services try to maintain user privacy, with regard to registration information and other personal information provided by the user, we demonstrate that personal information can still be obtained by unauthorized individuals or attackers. This information includes the full (or partial) email address, phone number, friends list, address, etc. We examine different scenarios and demonstrate how the details revealed in the password recovery process can be used to deduct more focused information about users.",
keywords = "Information leakage, Password recovery, Personal information, Privacy, Security internet services",
author = "Mordechai Guri and Eyal Shemer and Dov Shirtz and Yuval Elovici",
note = "Publisher Copyright: {\textcopyright} 2016 IEEE.; 7th European Intelligence and Security Informatics Conference, EISIC 2016 ; Conference date: 17-08-2016 Through 19-08-2016",
year = "2017",
month = mar,
day = "2",
doi = "10.1109/EISIC.2016.035",
language = "English",
series = "Proceedings - 2016 European Intelligence and Security Informatics Conference, EISIC 2016",
publisher = "Institute of Electrical and Electronics Engineers",
pages = "136--139",
editor = "Joel Brynielsson and Fredrik Johansson",
booktitle = "Proceedings - 2016 European Intelligence and Security Informatics Conference, EISIC 2016",
address = "United States",
}