index.md 1.3KB
title: Granted access lang: en
You can — and should — be taking some precautions to ensure that, say, an auto-created subdomain for a user account doesn’t conflict with a pre-existing subdomain you’re actually using or that has a special meaning, or that auto-created email addresses can’t clash with important/pre-existing ones.
But to really be careful, you should probably also just disallow certain usernames from being registered.
Let me tell you a story about that. I have the username david on Bitbucket. You might think it’s quite harmless and I do agree.
There is no such week for the last ten years without somebody giving me write access to a private repository. This is not intentional, it is a user experience security flaw that is really hard to spot. And still, I get access to so many critical stuff!
Even with good will, I cannot find an elegant solution to that confusion. The first year I sent an humorous email about that to each owner and then I gave up. Now imagine if I was nasty…
My point is: even with a strong password — two-factors authentication or whatever — when the user interface is confusing social hacking is made incredibly simple.