[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Password bootleggers
We encountered this while verifying administrator e-mail
addresses when assisting universities in registering for IP
access to our journals.
Entering the university-supplied serials administrator's e-mail
address will often expose one or more sites that are publishing
the login and passwords. This method is not foolproof, but
simply a quick check for the more obvious postings.
We have alerted seven universities to such sites within the past
week.
Diane A Fagen, Librarian / Copyright & Permissions
American Veterinary Medical Association
1931 N Meacham Rd
Schaumburg IL 60173-4360
Telephone: 847-925-8070 ext 6770
FAX: 847-925-9329
e-mail: dfagen@avma.org
-----Original Message-----
From: owner-liblicense-l@lists.yale.edu
On Behalf Of James J.O'Donnell
Sent: Thursday, May 21, 2009 7:46 PM
To: liblicense-l@lists.yale.edu
Subject: Password bootleggers
Two websites have surfaced in recent days,
http://www.journalpassword.com and http://www.passfans.com, that
present login and password combinations that are good for a
variety of University libraries around the world. The point is
that with such login (often the login to the proxy server), a
reader can then navigate to whatever proprietary and subscription
databases, e-journals, and the like the given University has to
offer. I am aware of institutions working to make sure that any
of their own information posted on these sites is invalidated
immediately, but obviously libraries and publishers will both be
concerned. Just at the moment journalpassword.com seems
disabled, but passfans.com is up and running, though it seems to
hide the login/password information behind a thin screen of
requiring visitors to register.
Jim O'Donnell
Georgetown U.