Hacker News new | past | comments | ask | show | jobs | submit login

I think the point is that if your email provider is hacked or malicious, your email password is hacked, but that's really only a problem if you use the same password on multiple sites. Don't do that.



If your email is hacked/malicious, and that's where your password reset requests from twitter, facebook, HN etc. are sent, it doesn't matter whether you reuse passwords or not; the attacker has the power to change them.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: