- Joined
- Sep 12, 2010
- Messages
- 11,703
- Location
- The Netherlands
- Pronouns
-
- He - Him
- Discord
- Lightheart#7487
Mine was only 86 days old. It was way too young to die. I lose.
Crazy, who would have thought this site would be a target? Anywho, because everything else of mine pretty much requires rolling passwords, none of them are in sync anymore... lol.
:grumble Fine, I'll improve my security. :grumble
I've been planning on moving to a password manager of some sort for a while, I guess it's time to actually do it.
The main reason to move to a password manager (any one you're comfortable with, although I use LastPass), is that it eliminates the "use the same password on lots of websites" problem. (by letting you make strong passwords and easily use a *different* one on every site).
This is about the 5th or 6th site that i've been a member of that has had either actual passwords or salted password hashes stolen from it. (for lots of reasons, stealing hashes is almost as bad as stealing actual passwords, people's password choices are *VERY* predictable).
Its going to happen again. Worse things are going to happen. The level of attacks out there in the wild is just stunning, with all levels of actors from teen-hacker all the way to large-agency-of-government level actors. Its only a matter of time before almost any password you set is compromised - one of the best things to do is contain the blast radius by not reusing them between sites. (changing them periodically, interestingly, is less effective. There's some evidence that making people change their password every now and then doesnt improve password quality and may decrease it).
So all you people who have 1000 day old passwords arent really making your security worse because they're old. mother)
But you're probably choosing terrible passwords that can be recovered with a script anyway.
So don't do that. :nono
PS: Its not only passwords online that have this problem. I once got into a very expensive property (legitimately, i was returning something i'd borrowed but didnt have the owner's phone # and you couldn't see the house from the gate), by typing "1234" into the electric gate keypad. Voila, open sesame...