beschizza at May 21st, 2014 09:34 — #1
jerwin at May 21st, 2014 10:33 — #2
The same password should never be used across multiple sites or accounts.
sigh. People just don'nt understand human psychology
carl_pietranton at May 21st, 2014 10:39 — #3
Yeah, because remembering eleventy-thirteen passwords and not having them written down is so fucking easy. When do I just get an Iris reader for my computer?
jandrese at May 21st, 2014 10:47 — #4
That's what password managers are for. It's annoying that they're a bit of a hack, but they're preferable to reusing passwords. That and being tied to a single machine is a bummer too unless you're willing to carry around a USB stick with your password manager software on it and people are willing to let you plug it in.
jerwin at May 21st, 2014 10:48 — #5
It's all well and good if you have only the one computer, but I also have a tablet, and the process of typing in overly complicated passwords on a touchscreen keyboard that's split into Alphabet, Numbers and Symbols is not an entirely endearing one.
ffabian at May 21st, 2014 11:04 — #6
I recommend LastPass. It has a IOS and android app, the password vault is accessible via web interface and there is a browser plug-in for all common browsers. The Android app is even able to auto-fill/auto-login since the last update. The only password you have to remember is the LastPass Master-Password.
If you don't like typing complicating passwords with Numbers and symbols on phones or tablets consider creating a longer password (more than 25 characters) by stringing together six simple words.
jerwin at May 21st, 2014 11:29 — #7
lastpass premium? You might argue that the cost is peanuts compared to "my daily double triple caramel machiatto in white wine sauce" but honestly, I think that's a silly, wasteful, uneconomic habit too.
I'd prefer not to be nickled and dimed
ffabian at May 21st, 2014 11:35 — #8
The use of the browser plugin and the online access are free. The mobile apps indeed require the premium fee (1 dollar a month). It's a matter of convenience - I don't mind paying a small fee for not juggling around a dozen post-its with different passwords.
Keepass got some nice reviews too and its free (but no apps ;-( ).
jardine at May 21st, 2014 11:38 — #9
ffabian at May 21st, 2014 11:40 — #10
I stand corrected. Didn't know that. Even better then.
wisconsinplatt at May 21st, 2014 13:28 — #11
Especially when you split your time between Tablet PC docked with a regular keyboard, Tablet PC undocked with the Windows 8.1 on-screen keyboard, the iPhone and its On-screen keyboard, and a random Android tablet with what ever input method is enabled on it... and anything beyond lowercase letters and a number thrown in becomes a pain in the ass.
So much for muscle memory
matthjones at May 21st, 2014 13:39 — #12
I'm sure ebay will respond to this issue with their usual charm, love and excellent customer service.
marc45 at May 21st, 2014 14:01 — #13
"The database, which was compromised between late February and early
March, included eBay customers’ name, encrypted password, email address,
physical address, phone number and date of birth."
If the compromised data includes an "encrypted" password, then how could the password be compromised?
karls at May 21st, 2014 14:12 — #14
For one, it appears that now someone has all the ingredients for an offline attack.
woodchuck45 at May 21st, 2014 14:15 — #15
The database, which was compromised between late February and early March
I'm so glad we have timely reporting laws here that require companies to notify their customers that their information has been stolen in time for said customers to actually do something about it.
jandrese at May 21st, 2014 16:10 — #16
Attacks on hashed passwords return around 40-95% of the passwords in the database with a typical attack, depending on the method of encryption used and the password requirements enforced.
Turns out people suck at choosing passwords, and website operators suck at implementing proper security.
madlibrarian at May 21st, 2014 16:47 — #17
I use ebay, and have yet to be notified that I must change my password, either via e-mail or by a flag on my account. Thank you, ebay, for your timely attention.
karls at May 21st, 2014 17:02 — #18
When I changed my Paypal password I noticed that while I had the password I had forgotten my answers to the security questions.
You know, those questions that have the world's worst passwords as their answers. If only I knew why I didn't provide the obvious answers a decade ago.
crashproof at May 21st, 2014 18:24 — #19
name, encrypted password, email address, physical address, phone number and date of birth. However, the database did not contain financial information or other confidential personal information.
That still sounds like a pretty good identity theft starter kit, given how non-diligent many places are.
applefitch at May 21st, 2014 22:06 — #20
Sooooo...anyone want to wager on when Amazon gets hacked?
next page →