[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Gmail and Tor
To re-iterate previous threads on this topic, if you have at least one
successful login from a Tor exit node or other anonymizing proxy
service then the security system won't hassle you when you log in from
these networks. That's how you disable it - pass verification from a
Tor login.
I don't know what the reset process or weeks timeout refers to. If
they abandoned the login process after being asked to provide some
more information then the system assumes the hijack was real and
forces a password change. Perhaps that's what they mean.
With regards to why we do this, you can review the following
presentation I gave at the RIPE 64 conference:
https://ripe64.ripe.net/presentations/48-AbuseAtScale.pdf
https://ripe64.ripe.net/archives/video/25/
or (faster) this post from Urs:
https://plus.sandbox.google.com/u/0/+UrsH%C3%B6lzle/posts/Fvr2rCPiPUu
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk