Response from ALLOW Ltd.

Published by Jon on March 7th, 2011 in Debian, Tech

I’ve had a very courteous email from one of the founders of ALLOW, following my analysis of their password reset procedure.

“Thank you for your feedback regarding the security of our platform. We are constantly reviewing these processes and regard our members security as paramount, whilst ensuring our processes are navigable to the majority of the UK.   We have had the platform professionally penetration tested but your email demonstrates an excellent understanding of the challenges and we would welcome your suggestions on our options of improving the password reset process.

“We will be extending our SSL certificate to the publicly accessible  website and please be assured that this is held on a different architecture to that of the Member application.”

This is very promising!

Flattr this!



One Response to “Response from ALLOW Ltd.”

  1. Privacy specialists should hire security specialists - jwiltshire.org.uk Says:

    […] Response from ALLOW Ltd. […]