[SFD-discuss] "Remind me" broken on wiki

Georg Sluyterman georg at thecrew.dk
Wed May 9 08:15:05 EDT 2007


Alan Pope skrev:
<---snip--->
> Also how is this in any way more secure? If someone intercepts my mail they 
> can logon with my encrypted password in the same way I might, and change my 
> password?
> 
> It's not a big deal, just odd.

I don't know if its the reason:
Some people have a bad password habbit: They use one password for
several sites.
If someone intercept the message with the password in, only your account
on softwarefreedomday.org will be compromised.

Also if a eg. a server harvest a  e-mails, including the one with your
password in it, your account will not be vulnerable after you have
updated your password on softwarefreedomday.org. If it is compromised
before you update your password you would be aware of it when you try to
login to change your password (becaurse you are have to change it).

Other than that, i can't se the purpose... :-/

-- 
Regards
Georg Sluyterman
njlug.dk, Aalborg, Denmark



More information about the SFD-discuss mailing list