Does Google's "Continue As" Login Pop Up Pose a Privacy Threat? - privacy

On a couple of sites such as tripadvisor.com I've noticed a pop-up from Google prompting me to sign in ("Continue as "). The pop-up is not requested by my actions and it's embedded into the site AND it contains my email address and my real name.
Doesn't this allow websites to snoop on users by extracting these pieces of information from the pop-up? How can I stop this from happening and why isn't anyone else talking about this?

Related

Verification required for WordPress site

I have no experience with this and I'm in need of major help. I have a WordPress website that I am trying to connect a Gmail account to, so that the contact form gets sent to a Gmail address. I got it all set up and it is telling me I need verification. This is only being used for my WordPress website. Probably very few users, not a business. Can I get around the verification process or not?
You would need an OAuth Consent Screen for your Project.
You can refer to this blog post on how you can connect a Gmail account on your WordPress site.

Does Google Chrome's message "A data breach on a site or app exposed your password" indicate a vulnerability in my webpage?

I have a website with a typical login page; however, when I log in to the website with specific credentials, Google Chrome shows the message "A data breach on a site or app exposed your password. Chrome recommends checking your saved passwords now".
Does this message indicate that there's a vulnerability in my login page which enabled hackers to breach my password, so that I should change some code regarding the functionality of my webpage, or does it indicate something different that I am unaware of? After some research on the following link, there are apparently other aspects Google Chrome takes into consideration prior to displaying this message.
Please Advise,
Thanks in Advance,
This Chrome functionality is advising the users to change their password as the password being used may have been compromised or leaked in previous data breaches.
According to this link, Google "compares passwords and usernames against over 4 billion credentials that Google knows to have been compromised". It is not related to vulnerabilities with your login page.

URL from Firebase Dynamic Links generates a "Suspicious Link" warning

So, I have a web application where users can register and when they do, a confirmation email is sent to their inbox to confirm their email. This email contains a link that takes you to the login page, and we use Firebase to convert that link into a short dynamic link, for example: https://xm5z5.app.goo.gl/wiRt.
However, when this link is clicked, the user gets a "suspicious link" warning from Google and I can't seem to understand why this happens. I've read that a few other people with web apps have the same issue with Google flagging one of their links as suspicious. Why could this be and how can this be solved?

How can I get rid of spam users

The company I work for has a small Plone blog. But we have a problem with spam accounts. We use captcha on the site and Plone sends a mail to the users that they must confirm before they can edit the user profile. Still, about 600 spam users are created every day. In the Plone user profile they paste all kinds of commercial links.
We are located in Denmark and the blog is in Danish, therefore I have made a script to delete all users with a non-Danish mail address. But even though most of the real users have a Danish mail account, I probably still delete some real users when running the script.
The spam users register from a wide range of IP addresses, so blocking IPs is not an option.
Does anyone have ideas about what to do about this problem?
Disable Plone comments/public user creation and use a third party commenting service such as Disqus.
They somehow trick reCAPTCHA (if you find out, please let me know :)
But how do they do the email validation? They don't have to. Plone join_form has a hidden field for password which is filled by this bot and Plone saves it as the real password (check the REQUEST object coming from this bot).
So the bot doesn't need to check email for password. That's how they get in and activate those accounts. So fix the hidden password field from join_form.
Then, remove all users that have links in their profile description (as a real user you don't do that, do you?). Also don't let users input HTML within their profile description.
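The two fixes suggested in the answer above, sketched as an added example that is not part of the original answer and is not Plone's own code: a server-side filter that drops and flags a password submitted while email validation is on, and a check for links in profile descriptions. The field names, function names and sample data are assumptions made for illustration.

```python
import re

# Field names are assumptions for illustration, not Plone's real join_form schema.
PROFILE_FIELDS = {"username", "email", "fullname"}
PASSWORD_FIELDS = {"password", "password_confirm"}
# Bare URLs, HTML anchors and BBCode links in free-text profile fields.
LINK_RE = re.compile(r"(?i)https?://|www\.|<\s*a\b|\[url")


def clean_registration(form, validate_email=True):
    """Return (accepted_fields, suspicious) for a submitted join form.

    With email validation on, the password may only be set through the
    emailed link, so a password sent with the form is dropped and the
    request is flagged rather than stored.
    """
    allowed = set(PROFILE_FIELDS)
    if not validate_email:
        allowed |= PASSWORD_FIELDS
    accepted = {k: v for k, v in form.items() if k in allowed}
    suspicious = validate_email and any(form.get(k) for k in PASSWORD_FIELDS)
    return accepted, suspicious


def profiles_with_links(profiles):
    """Usernames whose profile description contains a link or anchor tag."""
    return sorted(u for u, d in profiles.items() if LINK_RE.search(d or ""))


# Constructed sample input.
BOT_FORM = {"username": "x1", "email": "x1@example.com",
            "password": "hunter2", "password_confirm": "hunter2"}
HUMAN_FORM = {"username": "mette", "email": "mette@example.dk", "password": ""}
PROFILES = {
    "x1": "Cheap watches http://shop.example/buy",
    "x2": '<a href="//spam.example">deal</a>',
    "mette": "Jeg blogger om havearbejde.",
    "lars": None,
}

if __name__ == "__main__":
    print(clean_registration(BOT_FORM))
    print(clean_registration(HUMAN_FORM))
    print(profiles_with_links(PROFILES))
```

Flagged registrations are better held for review than deleted outright, since the flag only shows that a field the rendered form never exposes was filled in.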

How to track the free sign-ups for an online service that requires email verification?

I'm tracking the free trial sign-ups for an online service that requires email verification to complete the sign-up process.
How do I create a goal to track the sign-ups given that email verification is required?
The registration process is as follows:
Click on free signup button (goes to "/signup/")
Fill out sign-up form, including email address (goes to "/check_your_email/")
Click account verification link in email.
Arrive at the new account confirmation page. I plan to define this URL ("/confirm/signup/username/hashcode/") as the goal
If the user closes their browser, then opens their browser, and clicks on email verification link, will the goal be tracked properly?
If the user closes their browser it will be considered a new visit when the browser opens up again to complete the sign-up process. This will increase the reported visit counts and you might also have problems with using visit level reports.
There could also be a problem if the user is not using their default browser then opens the link from an email program and their default browser is used.
You should probably set up two goals: one for the /check_your_email/ page and another for the verification page. That way you will be able to see if there's a significant drop-off between the two and work from there.
If you define "/confirm/signup/username/hashcode/" as the Goal, even if the user closes their browser and comes back to this page it will still be recorded as a Goal conversion.
You will have a problem with the conversion funnel: for those that did not confirm during the same visit, it will look like their visits dropped at the /check_your_email/ step, and you should see a similar number of visits coming from (direct) - email is usually recorded as Direct visits.
Also bear in mind to use an appropriate regular expression if the confirmation URL varies with usernames.
