[mjn]

Google requiring you to enter your password at random times for random things (e.g. to read a Google Groups message) seems like one contributing factor, since people treat those prompts as routine noise, and are less likely to investigate such a common occurrence too deeply.

[dsaber]

That's a really good point. It happened with me a few times, especially while clicking on some search results pointing to Google Groups. Now I'm wondering if any of those were actually phishing attempts, because it's sometimes really easily to overlook what the real domain of the search result is.

[shloime]

I agree with this point. I retype my user information, even while logged in, at least a few times a week.

[GigabyteCoin]

I never re-type my user information. I don't even know what it is.

Whenever I create a new password for a website, I make sure it's random, and I make sure I can't remember it. I leave that job up to Firefox's password save mechanism.

Whenever I REALLY need a password, I go to the text file I pasted it in when I created it. Or extract it from within the firefox preferences.

Case in point. If a certain login URL I am familiar with doesn't know my password I am suspicious already.

[mentat]

That's odd because I never do. I'm using two-factor and I only have to retype login information when that expires (approximately 30 days I believe.) Also, someone did phish my Google cookies and Google immediately shutdown my account and made me type in something from a text to reactivate my account. Overall I'm pretty happy with both of those circumstances.

[Moto7451]

This happens to me weekly. One problem in my case is I have three Google accounts (1 work, 1 Personal Gmail, 1 Youtube).

Some of the accounts don't work in every context, i.e. the pre-Google YouTube account doesn't seem to work for displaying public Google docs embedded PDFs. Sadly the accounts can be linked but not merged[1] which means I'm stuck.

[1]http://support.google.com/accounts/bin/answer.py?hl=en&a...

[mjn]

Good point; I wonder how many people take that approach. I personally tend to log out of Gmail after I read my email, which signs me out of my Google Account fairly regularly. But maybe that's an unusual use pattern.

[5555624]

I always log out of my Gmail account when I am done reading my e-mail, as well. Until recently, when I've come across several people who stay logged in all the time, I thought that was the 'normal' use pattern. Then again, I'm old and "back in the day" you always logged out of an application/system when you were done.