> Even if your email provider does end up getting breached, you only need to change one password to be perfectly secure everywhere again.
I liked the article, but this is not true - if a service gives out password reset tokens or log-in-via-emailed-link tokens, a breach of your e-mail will still require a reset on that service. Even in a fully Persona'ified world, such tokens are likely to exist for at least some services.
I liked the article, but this is not true - if a service gives out password reset tokens or log-in-via-emailed-link tokens, a breach of your e-mail will still require a reset on that service. Even in a fully Persona'ified world, such tokens are likely to exist for at least some services.