On Sat, Jul 2, 2011 at 7:38 PM, Michael Chesterton <[email protected]> wrote: > On Sat, Jul 2, 2011 at 3:17 PM, DaZZa <[email protected]> wrote: >> > My suggestion is to fill this form out ASAP. Any of your online accounts >> > that use [email protected] could reset your password at will. >> > <http://www.google.com/support/accounts/bin/request.py?ara=1> >> Done that. >> Twice. >> Unfortunately, the b****rd who hacked the account changes all the >> password recovery questions - which means I am S.O.L - Google says "We >> can't verify who you are" - Christ, it's been 10 years since I started >> using Gmail, how am I supposed to remember the date? Or the invite >> time and date? > > I thought when you (or someone else) changes your recovery email address, > you get sent an email to the old recovery address and can undo the changes > from there?
Apparently, not if you're Google. All you need to do is compromise someone's Gmail account, and you can change their recovery settings for *all* their Google services without any additional intervention. > Interestingly, the message I'm replying to was flagged as forged by gmail, I > found it in my spam bin. I didn't notice that - I know it had a dud "reply-to" header on it, but it appeared to come genuinely from Gmail for the ones my wife got. > And to respond to Scotts post, putting a condom on after the baby is born is > leaving it a bit late. I've done it now - and would have done it before if I'd known about it (yeah yeah, I know, mea culpa for not keeping up with the latest in Google world) - but yeah, it's shutting the gate after the horse has bolted. DaZZa -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
