Tuesday, January 17, 2006

Flaw in Yahoo! Password Recovery

Let me walk you through the steps where you can easily change anyones password, provided you know the correct personal details & if that person has actually entered the correct details while signing up for Yahoo! mail account.
  1. Yahoo! Mail home.
  2. Click on this link "Forget your ID or password?"
  3. Now if you know the person's details and the Yahoo ID, go ahead and fill up the form.
  4. After that, all you need to do is to click the button Get NEW Password, Figure.
Once you click that button, the Password is changed and thats enough to do the damage. Then the end user has to follow the procedures to retrieve his/her password as told in my previous post.

I feel the Step 4 i.e. clicking on the button Get NEW Password should be provided to the End User only after he answers the Secret question correctly, so that there is no unecessary change of password.

Xploring Yahoo! Password Recovery

It was an awful experience yesterday evening, as I was signing out of my yahoo mail, a strange thought struck me to find out the Challenging question [the secret question you choose while registering yourself for a Yahoo Mail Account]. It has been almost 9 years since I have been using Yahoo Mail and through these years I have changed my PWD occasinally by using the EDIT option, but never tried this way. Since I wanted to find out the Challenging Question, I filled up the password recvoery form & choose GET NEW PASSWORD. Guess what it throws up the secret question "PEOPLE", I had no idea what on earth does that mean? [even now I have no clue about the answer:)]. Then I try signing into my Yahoo Account, guess what happens?, the password has been changed. What started off as exploration, I ended up loosing one of my VIRTUAL Avatar. Even after the invasion of GMAIL, I still use Yahoo Mail & Instant Messaging(IM) regularly @ work & also for keeping in touch with friends, bloggers, school and college buddies, ex-colleagues. So loosing this avatar meant a lot to me, as I would loose lot of contact information[well I could have recovered most of the information & created another Yahoo Account] but that takes a lot of effort and time in organizing your contacts in your virtual address book; adding all the contacts on your IM according to the groups; updating everyone about this new avatar would be a pain.

Now you would ask me aren't there ways you could recover your password. Well there are two options a) You either answer the Challenging question correctly, so that the NEW password gets displayed once you have ANSWERED it correctly or b) Yahoo would e-mail the NEW PASSWORD to your alternate email (NON-YAHOO). Since, I couldn't find a logical answer for the first option, I had no other option but to opt for sending a mail containing the NEW PASSWORD to my alternate mail ID. Well the misery didn't end there, I didn't know for sure which was my alternate mail ID. But, Yahoo! provides a decent help in recovering your passwords, they have taken care of all kinds of scenarios [to be frank they have actually messed up this whole thing of recovering password, I am gonna take that on my next post]. In order to know/change my alternate mail ID, I fill up one more form & submit it for Yahoo Account Services(YAS), within an hour or so I get my first response from them asking me to provide some personal details for verification. I replied back with all the information. After 30 mins, I recieve another mail from Yahoo Account Services asking me to follow the entire procedure of filling up the password recovery form. I followed the entire process religiously and choose Option 2 [send the password to my alternate mail], after the completing the formalities, it displayed a message in another 15 minutes or depending upon the internet traffic a mail would be delivered to your alternate email cotaining my NEW password. Did wait patiently for 20 mins, but I didn't receive any mail from Yahoo Account Services.

Wrote one final mail to YAS that I had not recieved any mail containing the new password even after 30 minutes and I signed off. I told myself that it was time to put all these things behind and rather study for my exams which are due sometime next weekend.

Thanks a lot to Yahoo! Account Services and I hope they modify their design for password recovery.

P.S: Don't ever try to play with your virtual avatars because it holds the key to connecting to the virtual world. BTW, I got a mail from YAS today morning with the NEW PWD and I am happyto have my old Yahoo avatar:)

Saturday, January 14, 2006

PHL:Bangalore Lions beat Jallandhar Shers

Bangalore Lions defeated Sher-e-Jallandhar by 2-0, thereby registering their first win in this seasons Premier Hockey League(PHL). Tomorrow, Bangalore Lions face the current leaders in PHL, Chandigarh Dynamos, I am sure the match will be interesting & I hope Bangalore Lions would that game too;)

I thank the Indian Hockey Fedeartion(IHF), ESPN-Star & Leisure Sports Management for the concept of PHL & supporting Hockey in India.

More action can be got here: Official site of PHL | Fixtures | Teams | News | Wallpapers

Tuesday, January 10, 2006

1 year @ SourceN

This day last year I joined SourceN, so I officially complete 1 year working for SourceN. This is my second job in my Professional life and got to learn a lot of new things in technology, domain knowledge and business model. There are few things which I experienced for the first time,
  • Working for a true 'Startup'.
  • Distributed Working Environment.
Working for a 'Startup' is completely different from a Big company, both have their pros & cons (will follow it up with a different post). I bet it is fun working for a 'Startup' if your have the right mindset. Even though my previous company ReadiMinds was a Small Company, here we were just 6 of us the day I joined. Today we are almost 5 times that number and have an independent setup in the Silicon Valley of East a.k.a Bangalore.

Distributed Working Environment(DWE) was something new to me and I was not used to, what exactly do I mean by DWE, where simultaneous software development occurs at different geo-graphical locations or in simple words where two teams spread geo-graphically are working on the same product/application. This was the most challenging task during the inital few months to co-oridante development work @ both ends and also have the same picture of the design, ideas & thoughts during the Software Devlopment Life Cycle(SDLC). We managed to pull it off despite all the infrastructre hurdles then. Now we have Video conferencing which makes things easier during the SDLC. There are few areas which has scope of improvement in the implemenation stages, which I am sure we could achieve during the following year.

During this one year I got to learn and expand my knowledge base on many of the technologies and domain. During the initial days, the privileged 6 got to listen the seminar from AjayRamachandran, CTO, Vice President & General Manager, Raining Data Corporation, on some of the interesting subjects like SCM, RFID, Evolution of SCM, Next Generation of SCM, Learning Quadrants, the power of XDMS Tiger Logic and the vast Use-Cases which we documented at the of the 5 day seminar.

I also was given the oppurtunity from Ash Parikh, Director of Development and Technology, Raining Data Corporation, to contribute on two artilces related to Web-Servies @ JavaWorld.

I would like to thank Deepak Ramachandra, CEO of SourceN, Karma Bhutia General Manager, SourceN, Colleagues at SourceN for all the support & making a wonderful place to work. I also would like to individually thank all my Team members Leo Fernandez (who happened to join the same day as I did), Shaumik Baneerjee(former), Madhukar Tryambake(former), Bala Subramaniam(former), Muhammed Yaseen, Kuldeep Singh, Santosh Subramanyam, Saravanan(former), Phani Kiran and Jagadish Pampatwar at SourceN & Ash Parikh, Premal Parikh, Anthony Sangha and Srinivas Raju at Raining Data Corporation for their guidance and help during the development phase. I know @ certain stages of design phase, I have been very vocal about the design, there was no ill-will against anyone in person & it was only for the betterment of the products. If I have hurt anyone during that phase I sincerely apologize for it.

Overall it has been a good year for all of us myself, SourceN & Raining Data Corporation, lets hope to replicate the same this year.

Monday, January 09, 2006

English version of the Shaayari

"Oh ...the rising Sun of the New Year
like the promising rays of Sun,
you too promise me that,
you will illuminate the path of those,
who follow the path of their Heart"

I thank my friend Kuldeep in helping me translating this to English.

2005: Year In Pictures

Tuesday, January 03, 2006

Naya saal Shaayari

"Naye saal ke ubharte hue suraj
Tumhain apni kirnon ki Qasam
Meri ek baat maan lo
Ke is naye saal main
Dil ki rahon per chalne walon ke
Raaston ko Roshniyon se bhardena"

Source:From a mail forward

Sunday, January 01, 2006

Goodbye! 2005, Hello! 2006


As we carry the memories of 2005, let us hope that the year 2006 has something good for all of us.