Current time: 04-19-2014, 07:37 AM Hello There, Guest! (LoginRegister)

Post Reply 
password recovery: is anyone happy?
02-14-2012, 07:31 AM
Post: #36
RE: password recovery: is anyone happy?
(02-13-2012 06:31 PM)LakeRat Wrote:  I'm not even sure how they do use that security question,

Guessing ... I imagine they use it in the event that a customer has lost control of their password and also of the email address associated with the account.

Quote:they should use it

Yes indeed ... HOWEVER ... gmail also has sub-standard security in this area. They allow a password re-set either via secret question or via email link.

(I just checked. I have a gmail account that I only ever use for forgetting the password of it, in order to test google's recovery mechanisms.)

Maybe this substandard security is a devilish ploy on the part of google; by deliberately having reasonable-but-less-than-optimal security, they absolve themselves of responsibility in the event of a customer losing high-value information through account hacking; for a high-value account, it is the customer's responsibility to choose a host with appropriate security mechanisms.

Maybe something of the sort has also flitted through the mind of Dreamhost?

~Tom
Find all posts by this user
Quote this message in a reply
Post Reply 


Messages In This Thread
RE: password recovery: is anyone happy? - tomtavoy - 02-14-2012 07:31 AM

Forum Jump: