Hacker News
by Thorrez 1836 days ago
Interesting. But this point seems a bit different than the one tialaramex was making.

tialaramex's criticism of passwords was that Edward can use the stolen ones eternally. But if your actions are followed, with Facebook resetting all those users' passwords and forcing them to reconfirm via email or phone, then tialaramex's criticism doesn't really apply anymore. The criticism only applies to users who reused their passwords on other sites, because Edward can still attack those other sites.

1 comments

> The criticism only applies to users who reused their passwords on other sites, because Edward can still attack those other sites.

Of course, but that's a weakness that concerns the user, not the platform.

It is not a flaw of Facebook's security model.