Page 1 of 2 12 LastLast
Results 1 to 20 of 26
  1.    #1  
    123456, sound off! If you're one of over a million people who had your account information stolen this weekend, then that's most likely your password!

    According to a article from Gawker Hack Exposes Ridiculous Password Habits - PCWorld the most common passwords used are still some of the oldest, 123456, qwerty, password, and don't think being cute and changing it to passw0rd will help either.

    Overall, if you want the most secure, uncrackable password ever, use a random combination of letters, numbers, and symbols about 128 characters in length. If that doesn't do it for you, nothing will.

    As most of us don't have the time to type that in, try to get around 15 character combinations. Which is rather funny, as several sites I've been on won't allow you to have a password of more than 9 characters, ridiculous, no?

    Anyways, if your password is on this list, then change it post haste, as some hacker out there is probably about to pass you the cheese.
    Down with the BourgeoisOS oppressors, webOS users unite!
  2. groovy's Avatar
    Posts
    941 Posts
    Global Posts
    955 Global Posts
    #2  
    And all of those new passwords probably got added to someone's dictionary attack list so even if you changed your Gawker account and corresponding email account passwords, your other accounts that use the same password may also be compromised. One the other hand, if you use throwaway email address and a different but relatively easy to remember password for any site like this that doesn't encrypt logons, then you should be okay.
  3. groovy's Avatar
    Posts
    941 Posts
    Global Posts
    955 Global Posts
    #3  
    Still, War Games blew the lid off this problem 25 years ago and people are still using simple passwords.
    Last edited by groovy; 12/14/2010 at 11:28 PM. Reason: wrong Matthew Broderick reference
  4. #4  
    Just a little blog entry I wrote a while ago on the topic of password security: Password Security - Windows Live
    Richard Neff

    My tutorials on WebOS development: Beyond 'Hello World!' | Getting Started - WebOS Development

    My apps: Percent Table | SierraPapa
  5. #5  
    http://techcrunch.com/2009/07/19/the...witter-attack/

    This a great read on the breakdowns of a typical attack.. That exposed twitter in all it's glory last year
  6. #6  
    I don't get it. I got attacked, but I use different passwords for all of my accounts, and they are random letters and numbers. Still, just about every site I have an account for had me change my password.
  7. groovy's Avatar
    Posts
    941 Posts
    Global Posts
    955 Global Posts
    #7  
    Quote Originally Posted by Mhunterjr View Post
    I don't get it. I got attacked, but I use different passwords for all of my accounts, and they are random letters and numbers. Still, just about every site I have an account for had me change my password.
    You mean every Gawker site? If so, I think that's just a preemptive measure.
  8. wotan's Avatar
    Posts
    57 Posts
    Global Posts
    71 Global Posts
    #8  
    A lot of sites are requesting that any member with an email address included in the attack change their passwords (even if password and username are different from those exploited from gawker.)

    My details were compromised in the attack and I've received a lot of emails from various sites that basically just say someone has been trying to login. Luckily, my password that I had used isn't one that is used for anything important so I'm not concerned, but Amazon, LinkedIn, eBay, paypal and a few others have all requested that I change my password just the same. I think it's good looking out by those companies.
  9. #9  
  10. angiest's Avatar
    Posts
    933 Posts
    Global Posts
    952 Global Posts
    #10  
    I think my daughter's webkinz password is more difficult than those.
  11. Maturin's Avatar
    Posts
    165 Posts
    Global Posts
    166 Global Posts
    #11  
    I'm a fan of password algorithms. Basically something relating to the site you are trying to access, and a personalized code or method to mix it with. That way, you can have different passwords for every site while never having to store them or look them up.

    I imagine this method would protect your other accounts if it was an automated attack, but it's possible all your accounts would be compromised if you were being personally hacked.
    HP Touchpad: I just cant quit you, baby.
  12. azdenn's Avatar
    Posts
    39 Posts
    Global Posts
    106 Global Posts
    #12  
    but whatever you do don't go changing your password on gawker.. there's sure to be a keylooger there...

    i long ago began creating different passwords for each individual site...

    i have a personal password strategy that involves the same combination of associated combinations... that way i know what i'm doing no matter what site... plus i keep a file on my computer of all of them... so i can cut & paste...
    Palm IV > Palm Treo 600 > Palm Centro > Palm Pre Plus > Nokia Lumia 920
  13. #13  
    Quote Originally Posted by gilcarvr View Post
    but whatever you do don't go changing your password on gawker.. there's sure to be a keylooger there...
    Because keyloggers are hard to bypass.

    I'd be more worried about a packet sniffer sitting on their network if it was as bad as they claim.
  14. #14  
    I use a program called 1password which is outstanding. Its mac only, but anyone who has a mac should consider this program if they are concerned about password security. Its easy to use and powerful at the same time.
  15. #15  
    Quote Originally Posted by cellmatrix View Post
    I use a program called 1password which is outstanding. Its mac only, but anyone who has a mac should consider this program if they are concerned about password security. Its easy to use and powerful at the same time.
    According to this, they do Windows:

    1Password for Windows
  16. #16  
    I use LastPass for windows to generate random passwords and they're stored for me. You only have to remember one hard password for LastPass, hence the name.

    This reminds me of bash.org:

    QDB: Quote #244321
  17.    #17  
    LastPass is an excellent way to make/store passwords with its built in generator. Also there's an app for it.
    Down with the BourgeoisOS oppressors, webOS users unite!
  18. groovy's Avatar
    Posts
    941 Posts
    Global Posts
    955 Global Posts
    #18  
    Of course none of that helps if the site you're using doesn't store it's user files in a responsible way then gets into a feud with a hacker site.
  19. #19  
    Yea, I definately do not bother with secure passwords for sites that save your password in a char field...
  20.    #20  
    I have one major secure password for my email, then a couple other passwords that I use for everything else. That way if they get one, they still can't get into my email.
    Down with the BourgeoisOS oppressors, webOS users unite!
Page 1 of 2 12 LastLast

Posting Permissions