Google recently unveiled its new unified login system, that broke the usual "usename/login" form with different pages for each step of the process. The problem was: it allowed anyone to see the picture of any Google user.
The new authentication process is more versatile and is prepared to handle multiple authentication methods. The problem was that anyone could simply type an email address, either a known one or simply by trying out whatever they wanted, and in the next step - asking for the password - you'd be greeted by the user's photo (if available).
Google's intentions were good. For people handling multiple accounts, showing an image would be a great way to ensure they're logging in into the right account. But in this day and age, "good intentions" are often an open door for potential abuse; and it didn't take long for users to complain about it.
Now, Google fixes it. From now on, you'll only get to see the associated image if you're signing in from a familiar device or location. If someone, somewhere around the world, tries to type in your email just to see how you look like, they'll only get to see the generic placeholder.
Friday, June 26, 2015
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment