• BlackPenguins@lemmy.world
    link
    fedilink
    arrow-up
    23
    arrow-down
    5
    ·
    edit-2
    10 months ago

    Yeah this is like 85% the users fault. If the website stores passwords in plaintext, it’s their fault. If the user used “password” as a password it’s their fault. The site could have been more helpful by having a cool down between incorrect passwords and monitor of failed attempts. Also maybe limiting the data shared between relatives. But like with Facebook, if you gain access to someone’s account you will see their friends too.

    • SeaJ@lemm.ee
      link
      fedilink
      arrow-up
      19
      arrow-down
      4
      ·
      10 months ago

      What you are describing kind of seems like 85% the site’s fault. Having no lock after failed attempts is a pretty epic fail. That combined with lax password requirements leaves the whole thing open to brute force.