by gambler
5005 days ago
1. Right now, Gmail has only as much control over accounts as individual website developers give it. It's up to us to implement alternative password reset systems and make them the default. Any website can (and in my opinion should) switch to something else at any time, because, firstly, the password reset system is decoupled from the core authentication mechanism and, secondly, it is under the web developer's control. Mass adoption of Persona will change this problem from locally solvable to unsolvable. If this becomes the authentication standard (which seems to be the project's goal), you will have to trust the user's email provider.

2. Right now, Gmail can reset your password, but it cannot silently authorize someone else to use your account without you knowing. It seems (and correct me if I'm wrong here) that with Persona such scenarios will become possible.

2. Yes, it can. It can delete password reset notifications. If the notification contained the password in plain text, then there would be no easy way to find out whether Gmail logged in to your account on X. If the notification contained a password reset link, there is a possibility that the user would subsequently discover that their password was no longer accepted on X. But given that most users use the same password everywhere, Gmail already has a huge potential for evil, as it could just use the passwords it has already collected. Users that worry about Gmail can use an alternative email provider or their own; after all, email and Persona are both decentralised. Website developers that worry about Gmail can use other authentication methods on top of Persona, such as in-house two-factor authentication.

tl;dr: if Gmail is evil, neither Persona nor current systems can stop it. If that worries you, use your own email server, and use other authentication methods on top of Persona on your websites.