this post was submitted on 10 Jul 2023
3318 points (99.9% liked)
Lemmy.World Announcements
29079 readers
206 users here now
This Community is intended for posts about the Lemmy.world server by the admins.
Follow us for server news ๐
Outages ๐ฅ
https://status.lemmy.world/
For support with issues at Lemmy.world, go to the Lemmy.world Support community.
Support e-mail
Any support requests are best sent to info@lemmy.world e-mail.
Report contact
- DM https://lemmy.world/u/lwreport
- Email report@lemmy.world (PGP Supported)
Donations ๐
If you would like to make a donation to support the cost of running this platform, please do so at the following donation URLs.
If you can, please use / switch to Ko-Fi, it has the lowest fees for us
Join the team
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Good thing we all use randomly generated passwords for every account and always remember to change them every few months.
Passwords are safe, it's temporary session tokens (already invalidated) that were exposed.
Good call.
However, that wouldn't have prevented this from happening. Not even MFA can protect you in case of an exploit like this.
My password is 4, it was randomly generated with a dice. Every few months I roll the dice again.
I'm not perfect as far as password opsec goes, but I did indeed use a randomly generated unique password here.
Hell, even if your password safe is only what's built into Firefox or Chrome, that's still better than using easy-to-guess passwords or sharing passwords.
Brave has a really good random password generator logged in and a password manager that is protected by a 24 character seed phrase
And randomly generated emails! (Thanks to SimpleLogin!)