@mirabilos
Same for Microsoft… and all of them really!
The very dangerous intrusion attempt that they are preventing is me in 100% cases.
The only time I got a meaningful alert of this kind was from EverNote — my account had a very simple password, but it remained dormant for at least a decade. And I used this as a reminder to delete it completely.
@m0xee yeah, RocketChat also explodes every time it logs me out and I have to log in again… sigh
@mirabilos
For me it's MS — as outlook.com has an easy way to use SMTP, I use it in different scripts to send notifications which should work even when other machines on my home network are down. And every time I'm stupid enough to use TOR for a browser that is logged into my MS account I have to go through this: change the password six times to reset it back to the old one, generate new unique passwords for legacy software — these ones are used to connect to SMTP…
@m0xee … all I can say is DDTT (don’t do that then) (here: use MS stuff)
@mirabilos
Yes, good point! It's reasonable to jump ships and use a different e-mail provider, but something I have a weird feeling that all the free ones are like that, I have no valuable information in some of these accounts — and yet everyone seem to go full-on with their security measures as if someone's life depends on it. They should just add an option "I don't care about this account" — something like it 😂
@pyrate
Works fine for one-off registrations — but not for my use case: sending messages out. If something like that existed, it would be exploited by spammers and I would be uncomfortable giving out my real email address — the one I send notifications to, to a service that I'm unsure whether I can trust.
@mirabilos
I posit one crucial suggestion.
Completely IP block India.