Tuesday, September 23, 2008

How Yahoo could have protected Palin's email | Freedom to Tinker

"Yahoo could also have followed Gmail's lead, and disabled the security-question mechanism unless no logged-in user had accessed the account for five days. This clever trick prevents password 'recovery' when there is evidence that somebody who knows the password is actively using the account. If the legitimate user loses the password and doesn't have an alternative email account, he has to wait five days before recovering the password, but this seems like a small price to pay for the extra security."

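The idle-account gate described in the quote, sketched as an added example; it is not code from the original post, Yahoo or Gmail. The event kinds, function names and sample log are hypothetical, and treating the alternate-email path as ungated is an assumption read from the quote's last sentence.

```python
from datetime import datetime, timedelta, timezone

# Five-day idle period comes from the quoted post; everything else is assumed.
IDLE_REQUIRED = timedelta(days=5)
# Only these event kinds prove that someone who knows the password is active.
# Failed logins and recovery attempts prove nothing and are ignored.
AUTHENTICATED = {"login_ok", "session_activity"}

def last_authenticated_access(events):
    """Most recent event showing a logged-in user touched the account."""
    times = [ts for ts, kind in events if kind in AUTHENTICATED]
    return max(times) if times else None

def recovery_decision(events, now, method):
    """Return (allowed, earliest_time) for a password-recovery request."""
    if method == "alternate_email":
        return True, now  # assumption: this path is not subject to the idle gate
    if method != "security_question":
        return False, None  # unknown recovery methods are refused
    last = last_authenticated_access(events)
    if last is None:
        return True, now  # assumption: no authenticated use on record means idle
    available = last + IDLE_REQUIRED
    return now >= available, max(available, now)

# Constructed sample log: the owner was active two days ago, then an
# unauthenticated party failed a login and tried the security question.
NOW = datetime(2008, 9, 23, 12, 0, tzinfo=timezone.utc)
SAMPLE_EVENTS = [
    (NOW - timedelta(days=9), "login_ok"),
    (NOW - timedelta(days=2), "session_activity"),
    (NOW - timedelta(hours=3), "login_failed"),
    (NOW - timedelta(hours=1), "recovery_attempt"),
]

if __name__ == "__main__":
    for method in ("security_question", "alternate_email"):
        allowed, when = recovery_decision(SAMPLE_EVENTS, NOW, method)
        print(f"{method}: allowed={allowed}, earliest={when.isoformat()}")
```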
