Hacker News new | ask | show | jobs
by rando444 3050 days ago
Assuming an attacker can't know your information is not a good idea.

Your login information can be gained via keyloggers, network sniffing, phishing scams, malware, malicious employees, and all sorts of other methods..

This is why two-factor authentication is so important, to help prevent your account from being compromised in the event that your username and password is.
1 comments
fbdjskajxb 3050 days ago
The part I don’t get is how not knowing your password makes the situation worse. The password recovery mechanism exists whether or not you use it every time you log in.

The way I see it, not knowing your password removes some potential threats around managing that password incorrectly, at the cost of increasing the risk of losing access to your account if the recovery mechanism doesn’t work.

link
rando444 3050 days ago
It doesn't make the situation worse, you're the only person suggesting that.

It offers some extra security, but very little. It's the digital equivalent of locking your back door but not bothering with the front door.

link
fbdjskajxb 3050 days ago
>It doesn't make the situation worse, you're the only person suggesting that.

The comment I originally responded to seemed to think so.

link