by m0rganic 2990 days ago
Also, if answers to those questions alone have given you access to your account, it is most certainly implemented poorly.

Typically, access to the account would come in a second-factor form, like clicking on a reset-password link sent to an email account that is yours and was previously configured for such a service. Only then would you be allowed to provide a new password to recover the account. Brute-force protections, like ensuring only a finite number of failed attempts, are necessary.
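The recovery flow the comment describes, as an added example that is not from the comment or from any particular site's code: correct answers to the security questions only mint an expiring, single-use token for the e-mailed link, only that token permits setting a new password, and wrong answers are capped. The class and method names (`AccountRecovery`, `request_reset`, `complete_reset`) and the caller-supplied Unix-timestamp `now` argument are assumptions made for this example.

```python
import hashlib
import hmac
import secrets


class AccountRecovery:
    """Security-question answers never unlock the account by themselves: they only
    mint a single-use, expiring token that is e-mailed to the pre-registered address."""
    MAX_FAILED = 5        # finite number of wrong answers before lockout
    TOKEN_TTL = 15 * 60   # reset-link lifetime in seconds

    def __init__(self, email, answer_hashes):
        self.email = email                 # address configured before recovery is needed
        self._answer_hashes = answer_hashes
        self.failed = 0
        self._token_hash = None            # store only a hash of the token, as with passwords
        self._token_expiry = 0.0
        self.password = None               # (salt, PBKDF2 digest) once a new password is set

    @staticmethod
    def hash_answer(answer):
        # Normalise whitespace/case; constructed demo, a real system would use a slow KDF here too
        return hashlib.sha256(answer.strip().lower().encode()).hexdigest()

    def request_reset(self, answers, now):
        """Return the token to put in the e-mailed link, or None. Grants no access itself."""
        if self.failed >= self.MAX_FAILED:
            return None                    # locked out after MAX_FAILED wrong attempts
        ok = len(answers) == len(self._answer_hashes) and all(
            hmac.compare_digest(self.hash_answer(a), h)
            for a, h in zip(answers, self._answer_hashes))
        if not ok:
            self.failed += 1
            return None
        token = secrets.token_urlsafe(32)
        self._token_hash = hashlib.sha256(token.encode()).hexdigest()
        self._token_expiry = now + self.TOKEN_TTL
        return token

    def complete_reset(self, token, new_password, now):
        """Second factor: only a valid, unexpired, unused token lets a new password be set."""
        if self._token_hash is None or now > self._token_expiry:
            return False
        presented = hashlib.sha256(token.encode()).hexdigest()
        if not hmac.compare_digest(presented, self._token_hash):
            return False
        self._token_hash = None            # single use: the link cannot be replayed
        salt = secrets.token_bytes(16)
        self.password = (salt, hashlib.pbkdf2_hmac("sha256", new_password.encode(), salt, 200_000))
        return True
```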