As account / blog hijack activity remains non zero, Blogger Engineers should continue to tighten down the account / blog recovery process.
Some unhappy ex blog owners (or would be blog thieves?) insist that Blogger recovery standards are too strict, and need to be eased back, a bit. My suspicion is that, as long as thieves are able to steal blogs, with impunity, Blogger recovery standards are too lenient - not overly strict.
As long as thieves are successful, security is not tight enough.
Recovery procedures have to keep the wrong people out of our accounts.
The reason for having proper recovery procedures is to limit account / blog recovery to the actual account / blog owners - and to not give blog thieves the ability to hijack peoples Blogger accounts and blogs. Balanced security, IMHO, should be proportional to
This proportion should be carefully observed, until
If you maintain access to your account, you won't be here.
If you have lost control of your blog, by failing to remember the password - and you recently changed jobs, dropped your phone into the toilet, got a new computer or different Internet service - we are very sorry for your misfortune. That said, your inability to access your blog is caused by your negligence - not by overly strict security.
If you remember your account name and password, and you use Google 2-Step Verification, you are probably not reading this - you are busy working on your blog.
People who maintain their access properly are not here, looking for a way in.
The millions of blog owners who are working on their blogs do not care about the hundreds of ex blog owners who forgot their password, and can't recover because of anal Blogger security. They are busy, working on their blogs.
And, they are thankful that Blogger keeps their needs in mind, in balancing recovery security - so they can keep working on their blogs. Blogger supports active customers - and this is proper business practice.
Some unhappy ex blog owners (or would be blog thieves?) insist that Blogger recovery standards are too strict, and need to be eased back, a bit. My suspicion is that, as long as thieves are able to steal blogs, with impunity, Blogger recovery standards are too lenient - not overly strict.
As long as thieves are successful, security is not tight enough.
Recovery procedures have to keep the wrong people out of our accounts.
The reason for having proper recovery procedures is to limit account / blog recovery to the actual account / blog owners - and to not give blog thieves the ability to hijack peoples Blogger accounts and blogs. Balanced security, IMHO, should be proportional to
Number of people requiring to retain control of their blogs / Number of people desiring to recover control of their blogs.
This proportion should be carefully observed, until
Number of blog thieves able to steal peoples blogs = 0.
If you maintain access to your account, you won't be here.
If you have lost control of your blog, by failing to remember the password - and you recently changed jobs, dropped your phone into the toilet, got a new computer or different Internet service - we are very sorry for your misfortune. That said, your inability to access your blog is caused by your negligence - not by overly strict security.
If you remember your account name and password, and you use Google 2-Step Verification, you are probably not reading this - you are busy working on your blog.
People who maintain their access properly are not here, looking for a way in.
The millions of blog owners who are working on their blogs do not care about the hundreds of ex blog owners who forgot their password, and can't recover because of anal Blogger security. They are busy, working on their blogs.
And, they are thankful that Blogger keeps their needs in mind, in balancing recovery security - so they can keep working on their blogs. Blogger supports active customers - and this is proper business practice.
Comments