submitted 8 months ago by woshang@lemmy.world to c/memes@lemmy.ml
[-] randombullet@feddit.de 16 points 8 months ago

That's also assuming they used proper salts and a strong hashing algorithm.

Also MITM and/or phishing attacks are not super common but can also depreciate your common password very quickly.

Always layered defense. If it's not 1 thing, it could be another.

Unique passwords are just one facet on a multi-layered security defense.

[-] Blackmist@feddit.uk 6 points 8 months ago

I think phishing is by far the most common way to get passwords.

I saw a guy at work fall victim to one. Looks like it's from some customer he knows, links to a document on Office365 or similar, enter username and password and swearing because it's "lost them".

I went, "What URL is that?"

He looked at his screen for a second. "Fuck."

"How many passwords have you given it?"

"My work ones and my bank ones."

"Better change those then, hadn't you?"

[-] willworkforicecream@lemmy.world 3 points 8 months ago

Yep. Once I hit the password recovery link for a website and they emailed my old password to me in plain text.

[-] Blackmist@feddit.uk 2 points 8 months ago

Or when they ask for the 2nd, 5th and 8th letters.

Or have a max character length.

[-] newIdentity@sh.itjust.works 1 points 8 months ago* (last edited 8 months ago)

Holy shit, that's bad. I hope that was more than 5 years ago. They would actually deserve bankruptcy.

this post was submitted on 27 Oct 2023