|
Message-ID: <CADRhWrCyORyhvnwKh6bkWU1ZEyMkUnWJVCTEbyaRmntabWvCQA@mail.gmail.com> Date: Wed, 16 May 2018 19:16:13 -0400 From: "Denny O'Breham" <obreham@...il.com> To: passwords@...ts.openwall.com Subject: Re: Keeping old passwords I don't think they should provide protection to me (but I'm questioning the goals of Google in that case), quite the opposite. I hate when a website owner thinks for me and assume all sort of things (like telling me what characters should be in my password). If someone chooses a 4-character password, you can tell him his password is not safe. But if he wants to keep it, let him. If you suspect suspicious activities, you can tell the user. But don't lock him out of his account and ask him to jump through all sort of hoops to regain access. On 5/16/18, e@...tmx.net <e@...tmx.net> wrote: >> So what protection do I gain as a user? Once the 'hacker' is logged >> on, you're pretty much done, no? > > why do you assume that they had to provide it to you??? > they do not sell "security" to you, > they are PROSPERING on selling you security theatre. >
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.