nanog mailing list archives
Re: gmail security is a joke
From: Anil Kumar <akumar () anilkumar com>
Date: Wed, 27 May 2015 09:13:47 +0530
On May 27, 2015, at 8:09 AM, Harald Koch <chk () pobox com> wrote: On 26 May 2015 at 11:32, Alex Brooks <askoorb+nanog () gmail com> wrote:Can you not set account recory options which change the way password reset requests are handled. https://support.google.com/accounts/answer/183723 Gives some guidance? AlexUnfortunately, setting these options does not disable the separate "account recovery form" listed at the bottom of the page, and it is this form that allows you to login with any previous password and to bypass 2-factor auth. I must admit I was surprised by this when I tried it just now. I guess it's time to rethink using Google as a primary account...
According to this page, the 2-factor authentication does kick in when you finally try to reset the password. http://webapps.stackexchange.com/questions/27258/is-there-a-way-of-disabling-googles-password-recovery-feature <http://webapps.stackexchange.com/questions/27258/is-there-a-way-of-disabling-googles-password-recovery-feature> “… I was presented with an emailed link to a reset page. When I clicked that link, since I have two-step verification set up, I was presented with a demand for a number provided by the Google Authenticator app on my phone. I provided that number and only then was I allowed to reset the password.” AK
Attachment:
smime.p7s
Description:
Current thread:
- Re: gmail security is a joke, (continued)
- Re: gmail security is a joke Sander Steffann (May 29)
- Re: gmail security is a joke Barry Shein (May 29)
- Re: gmail security is a joke Valdis . Kletnieks (May 29)
- Re: gmail security is a joke Owen DeLong (May 29)
- Re: gmail security is a joke Jimmy Hess (May 29)
- Re: gmail security is a joke Justin M. Streiner (May 29)
- Re: gmail security is a joke Rich Kulawiec (May 30)
- RE: gmail security is a joke Thijs Stuurman (May 26)
- Re: gmail security is a joke Harald Koch (May 26)
- Re: gmail security is a joke Anil Kumar (May 26)
- Re: gmail security is a joke Valdis . Kletnieks (May 27)
- Re: gmail security is a joke Rafael Possamai (May 27)
- Message not available
- Re: gmail security is a joke Larry Sheldon (May 27)