|
|
|
|
|
|
by msbarnett
3436 days ago
|
|
|
Yes, every site should be. The average user shares their niche acquarium site login username/password with their gmail login and bank and everything else. In the physical universe we occupy a given user's most security-sensitive site is exactly as vulnerable as their least security-conscious site. It behooves us as professionals to take that fact seriously. |
|
|
So what? Not every site has a login, or stores details about users. What about sites that are purely informational? If a site doesn't have passwords, why are you worried about users re-using passwords?