• @[email protected]
    link
    fedilink
    17
    edit-2
    11 months ago

    Yeah this is like 85% the users fault. If the website stores passwords in plaintext, it’s their fault. If the user used “password” as a password it’s their fault. The site could have been more helpful by having a cool down between incorrect passwords and monitor of failed attempts. Also maybe limiting the data shared between relatives. But like with Facebook, if you gain access to someone’s account you will see their friends too.

    • SeaJ
      link
      fedilink
      1511 months ago

      What you are describing kind of seems like 85% the site’s fault. Having no lock after failed attempts is a pretty epic fail. That combined with lax password requirements leaves the whole thing open to brute force.