On Tue, 2009-04-21 at 22:12 -0700, Jesse Keating wrote: > On Wed, 2009-04-22 at 14:31 +1000, Rodd Clarkson wrote: > > Ah, I'm a little confused. > > > > All that was requested was a change of password. This doesn't stop Joe > > Public from signing up and accessing bugzilla, and presumably doesn't > > stop Joe from viewing leaky NDA's. > > > > All it seems to do is make me have to change a password. > > > > Surely if there are leaks using the old password, then there's still > > leaks with my new password (which is actually my old password since I > > went back in and changed it back). > > There is a theory that changing passwords on a regular bases lessens the > risk of somebody's password being stolen and used nefariously. > Depending on the account compromised the damage increases from nuisance > to legally damaging. What is the lifetime of bugzilla login cookies? -- David Woodhouse Open Source Technology Centre David.Woodhouse@xxxxxxxxx Intel Corporation -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
