Yes, Google was way ahead on the security front with forced https and 2-factor authentication.
Honestly, strong passwords are not that much of a protection - they are still vulnerable to phishing attacks, which is why 2-factor is important. Google does some other very good things. At the bottom of your inbox it tells you when your last account activity was and where it was from (IP). It tells you whether or not your account is open in multiple locations, a history of all your account access and geographic locations, and the ability to force signout of all other sessions than your current one. You can also set it to alert for unusual activity, which means access from a geographic place outside of where you normally access it. So if your account is accessed from a place like Russia or China when you live in the US, when you log in it will flag this with a bright red message on the screen. --------- Brian On Wed, Feb 22, 2012 at 2:01 PM, Thane Sherrington < [email protected]> wrote: > At 02:42 PM 22/02/2012, Anthony Q. Martin wrote: > >> it sounds like you are saying the lockouts are due to week >> passwords...isn't that a user issue? >> > > Obviously weak passwords are the issue and are the user's fault, if you > are simply concerned with placing blame. (I did have a 16 character > password user get locked out last week on Hotmail, however. > > To my knowledge, Google implemented two-factor and https before Hotmail > did, so that would put them ahead in trying to protect users from > themselves. > > I also think Hotmail gets attacked because most Hotmail users are seen as > noobs and Gmail users are seen as more savvy. > > In either case, it is a pretty big issue that neither appear to offer any > sort of support on the issue. > > T > > > >
