has there been a password leak

Tape them to the bottom of a lamp, then when someone is in your house, having rendered you unconscious due to a load of alcohol and some barbiturates, they'll spot them, after having used that same lamp to search under desks, inside drawers, etc.

[/topical]
 
So being serious for a sec, if I dare. What's the best way to protect ourselves online? I have one hotmail address I use. Password is unique to only that, then I have the same username for almost everywhere else with one of three or four passwords I use. I let my phone or ipad takeover the password stuff where I can, but it doesn't always work but use a desktop at work so the password security is somewhat depending on which device I set it up on. I get constant warnings from my phone that my email and password have been detected in a datbreach for something where I have no financial links for. Like fitness apps and stuff like that. Obviously I have done nothing about this.

Best and easiest way? Granted it will be a bit of pain to do but dont mind paying a small subscription for decent security. Ta :)
 
Then make sure all passwords are generated no smaller than 24 chars
I hate Virgin Media's password policy for email accounts. It's not allowed to be longer than 10 characters, all of which have to be alphanumeric. :mad:

A Register reader has raised concerns over UK ISP Virgin Media's password policies after discovering he couldn't set a password longer than 10 characters or one that includes non-alphanumeric characters.
Reg reader rages over Virgin Media's email password policy - The Register
 
So being serious for a sec, if I dare. What's the best way to protect ourselves online? I have one hotmail address I use. Password is unique to only that, then I have the same username for almost everywhere else with one of three or four passwords I use. I let my phone or ipad takeover the password stuff where I can, but it doesn't always work but use a desktop at work so the password security is somewhat depending on which device I set it up on. I get constant warnings from my phone that my email and password have been detected in a datbreach for something where I have no financial links for. Like fitness apps and stuff like that. Obviously I have done nothing about this.

Best and easiest way? Granted it will be a bit of pain to do but dont mind paying a small subscription for decent security. Ta :)
Competence. Unfortunately there is no fool proof security system. You just need pure competence. It is very easy to fall for phishing scams. Hyper awareness is key. Whenever you get a text/email to login to your email --- always open your own browser session to Hotmail.

People who claim they have been "hacked" have simply fallen for stupid phishing scams, or have a password that was exposed in plain text in breach. Once a password is exposed in plain text, it can be encrypted again - and therefore the hackers know what the encrypted password looks like and can reverse map it to the plain text. These are called rainbow tables...
 
Competence. Unfortunately there is no fool proof security system. You just need pure competence. It is very easy to fall for phishing scams. Hyper awareness is key. Whenever you get a text/email to login to your email --- always open your own browser session to Hotmail.

People who claim they have been "hacked" have simply fallen for stupid phishing scams, or have a password that was exposed in plain text in breach. Once a password is exposed in plain text, it can be encrypted again - and therefore the hackers know what the encrypted password looks like and can reverse map it to the plain text. These are called rainbow tables...

Maybe we need to change how email works so adding function for links e.t.c is impossible some how. Maybe it might happen once we move over to passwordless websites so passwords can't be breached.
 
I have the same username for almost everywhere else with one of three or four passwords I use.
You're a prime example of someone who's very likely to be compromised somewhere, sometime.

I get constant warnings from my phone that my email and password have been detected in a datbreach for something where I have no financial links for. Like fitness apps and stuff like that. Obviously I have done nothing about this.
And there we are, it's already happened.

Ideally you should use unique passwords so that if one system is compromised, the others won't be as well.

There are very good password managers, I use 1Password which is now cross platform. What you should do is log onto every single service you have signed up to and change the password to something unique.
 
AThezBTyg6eU.png

I had a similar, if not the same, email but the link within pointed to :-

Code:
mailto:%[email protected]%3E;%[email protected]%3E?subject=unusual%20sign-in%20activity&body=Report%20The%20User

Microsoft did flag the email spam though and plonked it in the junk folder.
 
Back
Top Bottom