One half year after my complaining about the new overzealous account security measures with double verification process and today I get hit with the message:
The password you provided is in a list of passwords commonly used on other websites. To increase your security, you must update your password. After July 28, 2020 we will automatically reset your password.
Where do you get this information?
Can you please just back off? How do you know where I have used this password and if you know where I have used it, what tool have you used to hack into my stored passwords?
I just checked this password against several compromised lists and it has never been used before and compromised, so how do you know that the password has been previously used?
Even my bank accounts with my IRA, savings and checking accounts are not as overzealous as Github. Who is driving all this unnecessary work for Github users and why are you overstepping the security requirements of even major financial institutions and money processing organizations?
Way, way, way out of hand. I’ve complained about this before and gotten a long list of why it’s needed. Bottom line, however, is that financial institutions find a way to implement security without all this, so why can’t you as well instead of asking everyone to go through near a “new high-financed loan approval” procedure to simply log into their GitHub account?
I appreciate the facility but perhaps management could look at assigning this new massive security push to work instead in areas like improving the layout and flow and implementing consistency rather than everyone dog-piling on a new security measure every few months. Thanks.