On Wed, 28 Dec 2011 21:38:36 +0200, Andrei Popescu wrote: > On Mi, 28 dec 11, 17:57:55, Camaleón wrote: >> >> If the user is logged in with that option set, keeps the session opened >> and leaves the computer unattended, anyone can start using his account >> for their own purposes (sending massively e-mails, changing the >> password...). Having a completely encrypted session in the above >> situation is useless because the user is already logged. > > Most services I know (I just checked on Gmail) don't allow changing the > password unless you also provide the old password, even if you are > already logged in.
You're right. I was not aware of it, that's good to know (an extra of security mesaures does not hurt anyone): Changing your password http://support.google.com/mail/bin/answer.py?hl=en&answer=6567 Greetings, -- Camaleón -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/pan.2011.12.28.21.41...@gmail.com