gmail security is a joke
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Wed May 27 08:17:34 UTC 2015
On Wed, 27 May 2015 09:13:47 +0530, Anil Kumar said:
> that link, since I have two-step verification set up, I was presented
> with a demand for a number provided by the Google Authenticator
> app on my phone. I provided that number and only then was I allowed
> to reset the password.
And you have to pre-register the phone number.
Sounds about as secure as you're going to get when trying to scale to 10
digits of users....
And as I said earlier - if your threat model involves needing more security
than that, you have bigger problems.. :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 848 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20150527/3cb74137/attachment.sig>
More information about the NANOG
mailing list