On Fri, Feb 10, 2017 at 12:14:05PM +0100, Klaus Ethgen wrote: > We teach people to not give their passwords away and now you want them > to give them to google? WTF?
Emphatic agreement here. Not only does this instill worst practices in users, but in *many* places, it's variously (a) against the TOS (b) against corporate/university/etc. policy (c) as in "a termination offense" (d) illegal. In one environment I support, it's all four. Moreover, at a time when hacks occur daily and large hacks occur routinely, handing over passwords to a third party just means helping them build a bigger target for attackers. Nobody should be encouraging that; anybody currently doing it should shut that function down and delete all the data (including backups and disaster recovery copies). ---rsk _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
