SethS
Student

(0)

Being Discussed

Password reset process

The current password reset process seems insecure to me, considering how critical backups are. If someone has hacked into my email account, they can easily gain access to my Mozy backups by requesting a password reset. I think the reset should require more effort, possibly requiring answering "secret" question(s) as well.

In this case, I am currently secure as I am one of those using Windows EFS, but that raises different issues for me to deal with.

Comments
Owyn
Overlord Level 2

(622)

"If someone has hacked into my email account" is pretty much the same as "if someone has hacked into my Mozy account", so you could just choose a secure mail with a secret password, phone login confirmation, etc.,

but if Mozy implements your suggestion, there would just be a 2nd password you have to remember to reset the first one, and people will be able to lose their accounts forever without an ability to reset the password if they forget the secret answer; now they can't without losing email.

Fryer
Employee

(490)

Status changed to: Being Discussed
You could also use the Mozy custom encryption, so if they get into your account, they would also have to have your decrypt passphrase, which cannot be reset.