> Choosing different > algorithms does not necesarily make it more safe. As long as the main > passphrases > are different it will be ok. That's the problem -- I think most people use the same passcode. A strong design should make silly stuff like that hard to do by default.
>> I think it is important to let the user supply a pgp key so that the >> current settings can be safely emailed. > Not necessary, you can just change it over the secure connection just > like you can > set a new passphrase. in your account settings. But what if you can't get in? This also allows the website to reduce overhead for lost passcodes by providing a email button. No pgp key on file -- charge them a gram. Jeff --- You are currently subscribed to e-gold-list as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED] Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses.
