Skip to main content

Account / Blog Recovery Standards Should Be Tighter

As account / blog hijack activity remains non zero, Blogger Engineers should continue to tighten down the account / blog recovery process.

Some unhappy ex blog owners (or would be blog thieves?) insist that Blogger recovery standards are too strict, and need to be eased back, a bit. My suspicion is that, as long as thieves are able to steal blogs, with impunity, Blogger recovery standards are too lenient - not overly strict.

As long as thieves are successful, security is not tight enough.

Recovery procedures have to keep the wrong people out of our accounts.

The reason for having proper recovery procedures is to limit account / blog recovery to the actual account / blog owners - and to not give blog thieves the ability to hijack peoples Blogger accounts and blogs. Balanced security, IMHO, should be proportional to

Number of people requiring to retain control of their blogs / Number of people desiring to recover control of their blogs.

This proportion should be carefully observed, until

Number of blog thieves able to steal peoples blogs = 0.

If you maintain access to your account, you won't be here.

If you have lost control of your blog, by failing to remember the password - and you recently changed jobs, dropped your phone into the toilet, got a new computer or different Internet service - we are very sorry for your misfortune. That said, your inability to access your blog is caused by your negligence - not by overly strict security.

If you remember your account name and password, and you use Google 2-Step Verification, you are probably not reading this - you are busy working on your blog.

People who maintain their access properly are not here, looking for a way in.

The millions of blog owners who are working on their blogs do not care about the hundreds of ex blog owners who forgot their password, and can't recover because of anal Blogger security. They are busy, working on their blogs.

And, they are thankful that Blogger keeps their needs in mind, in balancing recovery security - so they can keep working on their blogs. Blogger supports active customers - and this is proper business practice.

Comments

Popular posts from this blog

What's The URL Of My Blog?

We see the plea for help, periodicallyI need the URL of my blog, so I can give it to my friends. Help!Who's buried in Grant's Tomb, after all?No Chuck, be polite.OK, OK. The title of this blog is "The Real Blogger Status", and the title of this post is "What's The URL Of My Blog?".

Leave Comments Here

Like any blogger, I appreciate polite comments, when they are relevant to the blog, and posted to the relevant article in the right blog. If you want to ask me a question thats relevant to blogging, but you can't find the right post to start with (I haven't written about everything blogger related, yet, nor the way things are going I don't expect to either), ask your questions here, or leave an entry in my guestbook.

As noted above, please note my commenting policy. If you post a comment to this post, I will probably treat it as a "Contact Me" post. If you have an issue that's relevant to any technical issue in the blog, please leave a comment on the specific post, not here. This post is for general comments, and for non posted contact to me.

If the form below does not work for you, check your third party cookies setting!

For actual technical issues, note that peer support in Blogger Help Forum: Something Is Broken, or Nitecruzr Dot Net - Blogging is, almos…

What Is "ghs.google.com" vs. "ghs.googlehosted.com"?

With Google Domains registered custom domains becoming more normal, we are seeing one odd attention to detail, expressed as confusion in Blogger Help Forum: Learn More About Blogger.My website uses "ghs.google.com" - am I supposed to use "ghs.googlehosted.com", instead?It's good to be attentive to detail, particularly with custom domain publishing. This is one detail that may not require immediate attention, however.