On Tuesday 23 November 2010 20:27:05 Ian Clarke wrote: > On Tue, Nov 23, 2010 at 10:06 AM, <[email protected]> wrote: > > > > > Well, there would need to be a separate recovery password, and then the > > > original password simply becomes redundant from a security point of view. > > That's how it works in all password recovery system on internet. > > Usually, it's an answer to a question. Granted, there is also the > > "send to this email" option we can't have in freenet (afaics). > > Yes, typically on the Internet its just an answer to a question, but > effectively this is just another password - although it will often be a > password that is much easier to do a dictionary attack on (eg. "Name a > favorite place?" - it wouldn't take long to test every place-name on the > planet that people are likely to provide). > > > Anyway, for now we can just agree on having only non password > > protected identities. If someone have a master password, we ask him > > when launching the node (dunno how it is handled right now). > > I just wish we could focus on actual usability issues, and try to avoid > getting sidetracked as we've been with this whole issue of identities and > passwords.
IMHO the biggest "actual usability issue" is lack of functionality, performance and content. Although the reports on FMS are of an average of 30KB/sec for popular downloads, which by historical standards is amazing - although they hark back to a time earlier this year when it was 130KB/sec. Data persistence is pretty poor though. Not that I have a problem with improving the UI.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Devl mailing list [email protected] http://freenetproject.org/cgi-bin/mailman/listinfo/devl
