Skype Password Reset Flaw Allows Hijacking of User Account

Microsoft, who acquired Skype last year, had to temporarily disable Skype.com Reset Password page due to the fact that, a user’s account could be taken over by someone who knows the e-mail address associated with their Skype account. The flaw was reported on a Russian website a few months but, Microsoft said they were notified earlier this morning of the flaw.

Skype Password Reset Flaw Allows Hijacking of User Account

They have made changes to the password reset process and the reset password page is now working properly.

The flaw allowed multiple Skype accounts to be registered with the same e-mail address. If someone knows the e-mail address associated with your Skype account, that person could register a new Skype account with it and take control of your account (hijack) by using the password reset page to change your password.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search Search engine.

Note: Some of the information in samples on this website may have been impersonated or spoofed.
Was this article helpful?  +
Share this with others:

Comments, Questions, Answers, or Reviews

There are no comments as yet, please leave one below or revisit.

To protect your privacy, please remove sensitive information from your comments, questions, or reviews. We will use your IP address to display your approximate location to other users when you make a post. That location is not enough to find you.

Your post will be set as anonymous because you are not signed in. An anonymous post cannot be edited or deleted, therefore, review it carefully before posting. Sign-in.

Write Your Comment, Question, Answer, or Review

Skype Password Reset Flaw Allows Hijacking of User Account