nanog mailing list archives

Re: gmail security is a joke

From: "Aaron C. de Bruyn" <aaron () heyaaron com>
Date: Tue, 26 May 2015 12:28:26 -0700

On Tue, May 26, 2015 at 9:06 AM, John Levine <johnl () iecc com> wrote:

If they do a reset, what difference does it make whether they send the
password in plain text or as a one-time link?  Either way, if a bad
guy can read the mail, he can steal the account.


If they can e-mail you your existing password (*cough*Netgear*cough*),
it means they are storing your credentials in the database
un-encrypted.

-A

Current thread:

gmail security is a joke Markus (May 26)
- Re: gmail security is a joke Saku Ytti (May 26)
  - Re: gmail security is a joke Owen DeLong (May 26)
    - Re: gmail security is a joke chris (May 26)
    - Re: gmail security is a joke John Levine (May 26)
    - Re: gmail security is a joke chris (May 26)
    - Re: gmail security is a joke John R. Levine (May 26)
    - Re: gmail security is a joke Aaron C. de Bruyn (May 26)
    - Re: gmail security is a joke John R. Levine (May 26)
    - Re: gmail security is a joke Aaron C. de Bruyn (May 26)
    - Re: gmail security is a joke Scott Howard (May 26)
    - Re: gmail security is a joke William Herrin (May 27)
    - Re: gmail security is a joke Barry Shein (May 27)
    - Re: gmail security is a joke John R. Levine (May 27)
    - Re: gmail security is a joke James Downs (May 27)
    - Re: gmail security is a joke Barry Shein (May 27)
    - Re: gmail security is a joke Barry Shein (May 27)
    - Re: gmail security is a joke William Herrin (May 27)

(Thread continues...)