gmail security is a joke

Aaron C. de Bruyn aaron at
Tue May 26 19:28:26 UTC 2015

On Tue, May 26, 2015 at 9:06 AM, John Levine <johnl at> wrote:
> If they do a reset, what difference does it make whether they send the
> password in plain text or as a one-time link?  Either way, if a bad
> guy can read the mail, he can steal the account.

If they can e-mail you your existing password (*cough*Netgear*cough*),
it means they are storing your credentials in the database


More information about the NANOG mailing list