Simon Willison’s Weblog

1 item tagged “forgottenpasswords”

Yahoo could also have followed Gmail’s lead, and disabled the security-question mechanism unless no logged-in user had accessed the account for five days. This clever trick prevents password “recovery” when there is evidence that somebody who knows the password is actively using the account.

Ed Felten # 22nd September 2008, 4:21 pm

Related: gmail, security, webmail, yahoo