gmail security is a joke
larrysheldon at cox.net
Wed May 27 08:39:33 UTC 2015
On 5/27/2015 03:17, Valdis.Kletnieks at vt.edu wrote:
> On Wed, 27 May 2015 09:13:47 +0530, Anil Kumar said:
>> that link, since I have two-step verification set up, I was presented
>> with a demand for a number provided by the Google Authenticator
>> app on my phone. I provided that number and only then was I allowed
>> to reset the password.
> And you have to pre-register the phone number.
> Sounds about as secure as you're going to get when trying to scale to 10
> digits of users....
> And as I said earlier - if your threat model involves needing more security
> than that, you have bigger problems.. :)
As they say, I no longer have a dog in this fight beyond myself and to
an extent (advisory capacity) my wife, but I have been having trouble
understanding the concept of organizations ("network operators") with
large and legitimate concerns for security issues, using gmail.
sed quis custodiet ipsos custodes? (Juvenal)
More information about the NANOG