Something occurred to me today when I decided to post a comment on someone’s blog.
The person in question was using Blogger to publish their weblog, and subsequently, they were also using Blogger’s bespoke commenting system to accept contributions from users.
Three options are available to the user when posting to a Blogger comment; ‘anonymous’, ‘other’ or ‘login using your Blogger username and ID’.
The ‘anonymous’ option doesn’t need explained. The ‘other’ option allows users to input a name and a website address, which is subsequently published along with their comment.
However, it’s the ‘Blogger ID’ option that should give people the biggest cause for concern, because there is absolutely nothing to stop a malicious individual from setting up a fake Blogger-type blog, using similar code and graphics to the Blogger commments system, then harvesting the usernames and passwords of people who innocently post a comment using their Blogger username and ID.
It’s something to think about the next time you decide to post a comment on a Blogger blog using your Blogger ID.
Of course, here at The Copydesk (a Blogger blog), we have our own comments system, which doesn’t rely on Blogger’s comment system at all.