[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: No more Bugzilla for me
- From: David Woodhouse <dwmw2 infradead org>
- To: Development discussions related to Fedora <fedora-devel-list redhat com>
- Subject: Re: No more Bugzilla for me
- Date: Wed, 22 Apr 2009 08:53:52 +0100
On Tue, 2009-04-21 at 22:12 -0700, Jesse Keating wrote:
> On Wed, 2009-04-22 at 14:31 +1000, Rodd Clarkson wrote:
> > Ah, I'm a little confused.
> >
> > All that was requested was a change of password. This doesn't stop Joe
> > Public from signing up and accessing bugzilla, and presumably doesn't
> > stop Joe from viewing leaky NDA's.
> >
> > All it seems to do is make me have to change a password.
> >
> > Surely if there are leaks using the old password, then there's still
> > leaks with my new password (which is actually my old password since I
> > went back in and changed it back).
>
> There is a theory that changing passwords on a regular bases lessens the
> risk of somebody's password being stolen and used nefariously.
> Depending on the account compromised the damage increases from nuisance
> to legally damaging.
What is the lifetime of bugzilla login cookies?
--
David Woodhouse Open Source Technology Centre
David Woodhouse intel com Intel Corporation
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]