gmail security is a joke

• Previous message (by thread): gmail security is a joke
• Next message (by thread): gmail security is a joke
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In article <CAKnNFz_apy8KHBXj0umGoq6UfCD640Jtxe9A+2TqU-d761-eug at mail.gmail.com> you write:
>Haha I cringe when I do a password recovery at a site and they either email
>the current pw to me in plain text or just as bad reset it then email it in
>plain text. Its really sad that stuff this bad is still so common.

If they do a reset, what difference does it make whether they send the
password in plain text or as a one-time link?  Either way, if a bad
guy can read the mail, he can steal the account.

Given the enormous scale of Gmail, I think they do a reasonable job of
account security.  If you want to make your account secure with an
external account or an external token (a physical one like a yubikey
or a software one like the authenticator app), you can.

Or if you consider your account to be low value, you can treat it that
way, too.

R's,
John

• Previous message (by thread): gmail security is a joke
• Next message (by thread): gmail security is a joke
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]