> THE GOLDDATE SERVER COULD IN FACT EASILY GO TO THE EGOLD SERVER, AT
> THAT MOMENT, AND *TRY TO LOG IN AS THE PERSON* ....
>
> .. to CHECK whether the person was foolish enough to use their egold
> password as their GoldDate password.
The developer could offer that as a free service.
"Check this box to verify passphrase integrity"
It would check combinations of the birthdate & name, common dictionary
words, etc... against the given passphrase.
> If the person did make that mistake, the server would say "we told
> you NOT TO USE your egold password - we could have stolen all your
> gold just now. Choose a better password, doper!!!!"
Maybe not include the point about stealing their gold, but definitely
bitch them out for making such a dumb move.
Because they'll probably give the passphrase out to somebody without
similar moral standards. They will then complain that e-gold is insecure
and should implement grandiose, useless/ineffective means of 'security'.
> con -- is breaking into their account! liability if person is ever
> hacked, even if innocent, etc.
Yeah. Because they will probably give their passphrase out again and you
were the only one that made a show of 'verifying' their account.
Viking Coder
________________
Worth Two Cents?
http://www.2cw.org/VikingCoder
---
You are currently subscribed to e-gold-list as: archive@jab.org
To unsubscribe send a blank email to [EMAIL PROTECTED]