I got a WTF in the mail yesterday:
We recently noticed that you may have had trouble using your password to sign in and administer your site.
We’ve fixed a glitch that affected your account, and have temporarily reset your password to “123456″.
Please log in to your site and reset your password to something that only you will remember.
It had the look of a form letter, so it appears like there’s a good chance that I now know a significant number of passwords for this service. Of course, the login is the email address, so I’d have to know that, but for this particular site I don’t think it’d be too hard to figure a few out… Guys, a simple “click here to get a link that’ll take you to a reset password page” would’ve probably done the job a little better…
Oh, and when I did log in? It took me 5 minutes to find the place where I change my password.
Web 3.0 is gonna be all about openness. No passwords for anything, I tell you.
Post a Comment