gmail security is a joke

• Previous message (by thread): gmail security is a joke
• Next message (by thread): gmail security is a joke
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 26 May 2015 19:11:51 +0300, Saku Ytti said:

> > OTOH, recovery by receiving a token at a previously registered alternate email address
> > seems relatively secure to me and I wouldn???t want to opt out of that.
>
> It's probably machine sent in seconds or minute after request, so doing
> short-lived BGP hijack of MX might be reasonably easy way to get the email.

To be fair, if your e-mail address is high enough value that somebody is
willing to risk getting caught doing a BGP hijack, maybe you have bigger
problems to worry about.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 848 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20150526/ca9aa130/attachment.sig>

• Previous message (by thread): gmail security is a joke
• Next message (by thread): gmail security is a joke
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]