gmail security is a joke
Aaron C. de Bruyn
aaron at heyaaron.com
Tue May 26 19:28:26 UTC 2015
On Tue, May 26, 2015 at 9:06 AM, John Levine <johnl at iecc.com> wrote:
> If they do a reset, what difference does it make whether they send the
> password in plain text or as a one-time link? Either way, if a bad
> guy can read the mail, he can steal the account.
If they can e-mail you your existing password (*cough*Netgear*cough*),
it means they are storing your credentials in the database
un-encrypted.
-A
More information about the NANOG
mailing list