On Wed, 2009-04-22 at 07:01 -0700, Jesse Keating wrote: > On Wed, 2009-04-22 at 08:53 +0100, David Woodhouse wrote: > > > There is a theory that changing passwords on a regular bases lessens the > > > risk of somebody's password being stolen and used nefariously. > > > Depending on the account compromised the damage increases from nuisance > > > to legally damaging. > > > > What is the lifetime of bugzilla login cookies? > > I have no idea. I'm not defending the actions of whomever forced the > password reset, I'm just trying to explain what I gather their > motivation was. When "getting sued" is involved, security theater is much more important than actual security. Stop thinking like engineers and thinking like suits and lawyers (in suits).
Attachment:
signature.asc
Description: This is a digitally signed message part
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
