> This is another aspect of security that very few people realize: using > different passwords on different sites don't make you as safe as you think. > > Your single point of failure is your email account, period. Once a hacker > gets access to your email, they can reset pretty much every single other > account that you own, regardless of how many different passwords you use > for those. > > Sure, which is why your email account would qualify as belonging to the maximum security tier - similar to root level. A good practice is to have an automatic forwarding rule, which sends everything you receive to a special "shadow slave account", so that you may always retrieve reset emails to your compromised master account. Google also offers nonce codes as a recovery mechanism.
All I am trying to say is that there is no silver bullet, but there are pragmatic damage control and recovery strategies. -- You received this message because you are subscribed to the Google Groups "Java Posse" group. To view this discussion on the web visit https://groups.google.com/d/msg/javaposse/-/MkpGKh_pDSkJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
