nanog mailing list archives

Re: gmail security is a joke


From: "John R. Levine" <johnl () iecc com>
Date: 26 May 2015 12:16:33 -0400

I get what you are saying but my point was more about lack of crypto or
reversible crypto than stealing the account.

I am all in favor of using crypto when it improves security. But I am also in favor of not obsessing about it in places where it makes no difference.

I like what Owen is describing: they should present all account recovery options and let the user toggle on/off which ones they want to be usable. This way the user can make their own decisions and live with their own choices.

Unfortunately, we have learned over and over again that the nerd instinct to push the security policy decisions onto civilians never ends well. Some people will check every box because more security is better, right? And then they're locked out and make expensive phone calls to your support desk. Others will uncheck every box because they just want to be able to log into the fripping account and it's your fault when their account is stolen.

R's,
John

