This goes for major email service providers like iCloud, Yahoo Mail, and Outlook, as well as services such as Netflix, which is where “dots don’t matter” goes from being a feature to a security issue.Ĭolumnist Jim Fisher recently described how he almost fell for a scam that targeted his Netflix account.
While services like Gmail and Facebook may filter out dots, other services do not-meaning that and would be treated as two separate people/accounts on many services and sites that require a login/password combination. The problem, and it’s a big one, is that this behavior is specific to Gmail, and not to the rest of the Internet. In the simplest terms, anyone with a Gmail account also has access to every possible variation using dots e.g.
The exploit uses a feature called “dots don’t matter,” which ironically was developed by Google as a security measure. Google’s email platform has more than a billion active monthly users as of the last count in February 2016, which is why the recent discovery of a Gmail vulnerability should be cause for concern for the entire Internet.
