Easy. If the Default or Anonymous entries in the Access Control List are set to Read, anyone can see the IDs that are attached to the person documents. This highlights the fact that Domino/Notes is a very secure system IF IT IS SET UP CORRECTLY. Leaving names.nsf wide open for reader access is a known problem, and smart hackers know to look for it.
Dig Deeper on Lotus Notes Domino Access, Permissions and Authentication
Related Q&A from Chuck Connell
Is it possible to encrypt a user's name before sending an email? SearchDomino.com expert Chuck Connell weighs in. Continue Reading
Learn how to change authentication timeout interval for Domino Web Access logins. Continue Reading
SearchDomino.com expert Chuck Connell provides a resource for a Lotus Notes administrator who wants to filter out email containing the word "spam," ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.