Hugene - 3:31 pm on Apr 20, 2010 (gmt 0)

The issue here is the economic importance of something as the Google Account.

I personally suspected from day 1 that this was the target: partly because they reveled that some dissident's gmail accounts were hacked.

Well, in G's world, if you can access Gmail, you can access everything else too (because of SSO/Gaia)

SSO is OK, everyone else does it (M$, Yahoo, FB...) the problem is that a lot of G's services are actually economically important (adword, adsense, webmaster tools, analytics, docs)

this is the hardest thing for the cloud: protect the login.

However, I think G can pull it off, they have enough talent at hand for this.

Some suggestions: the login protection should be behaviorally based: take into account source, tool used for login, action once in the account, etc...