Fwd: confirm 9a85e83e9531356d37cfd8581573d167b99c16f8

Marco Nembrini marco.nembrini.co at gmail.com
Sat Apr 12 01:15:04 PDT 2014


On 12.04.2014 08:02, Walter Bright wrote:
> On 4/11/2014 8:30 PM, Steven Schveighoffer wrote:
>> Of course, it means you have to accept their word, and trust their
>> competency. I
>> tend to doubt that somehow this is all a ruse and they are in cahoots
>> with the NSA.
>
> I agree that it is pretty unlikely they are in league with the devil.
> But what would happen to you if all your passwords got lost or
> compromised? How much trouble would it be? All your bank accounts? All
> your email accounts? All your professional accounts? All your accounting
> stuff? Suddenly you're cut off from all of it? The risk may be small,
> but the potential damage could be very high.

True. But that could happen with any of those sites individually too.
And a company whose only business goal is to keep passwords secure is
probably harder to hack into than companies which have a different focus
and might not invest as much into security.

Most accounts you could get back through password recovery, so the only 
important ones are your email and bank accounts, where imo you should 
really have two-factor authentication.

Security is always a tradeoff between convenience and protection. I find
LastPass is a good one, being super convenient and with good enough
protection, but I think it's good to think about all the possible
scenarios and decide if you are willing to take the corresponding risks.

Ultimately there's no right answer, everybody has to decide on the 
tradeoff on his own.


