It’s criticism directed at a service provider, not users. Service providers should assume users reuse passwords. Security is about protecting everyone.
It’s criticism directed at a service provider, not users. Service providers should assume users reuse passwords. Security is about protecting everyone.
schmidtster@lemmy.world 8 months ago
Than direct it at the service provider? Oh wait it got fixed a while ago.
Also where does their liability stop? Should they also just assume everyone is compromised? Where does the users onus come into play? I guess they shouldn’t send password resets than, since they should assume that their email is compromised already….
Yeah that’s actually a terrible idea if they must assume that they must protect everyone. Sorry can’t reset your password your email must be compromised.
JackbyDev@programming.dev 8 months ago
This is slippery slope bullshit and you know it. I’m not saying providers should have to magically prevent anything. I’m only saying they shouldn’t send you your password in an email. Crazy take, I know.
Also, with regards to it already being fixed or not, when I made this thread I hadn’t seen anything about that in the other thread. I’m more just annoyed that people want to dunk on people with supposed gotchas while acting like sending a password in an email is okay somehow.
schmidtster@lemmy.world 8 months ago
No it’s not slippery slope in this case, it’s what you’re suggesting and why it’s utter bullshit. But yes of course that’s the obvious defense to take there.
You’re not only saying that, you said that they need account for everything. Two totally different things. Can’t have X and not have Y.
Sending a password is okay in quite a few scenarios, you’re talking to broad again her.