How do people keep track of the gazillion passwords required to live a "normal" life???
Printable View
How do people keep track of the gazillion passwords required to live a "normal" life???
What I’m getting at is it’s someone else’s stolen credit card info that was loaded on to your account and as someone else mentioned a test run was made to see if the charge would go through.
Last pass and other similar services. You only need one and they keep all your passwords. But I have always wondered how much it would suck when that account gets hacked.Quote:
Originally Posted by bellavite1
Sent from my iPhone using Tapatalk
Bellavite, Your info was probably in a data breach (same for the CC owner).
Erni, Some one recently tried to open a free website account with one of my old gmail accounts. They probably wanted to setup a phishing campaign that looked like it was coming from me. I am sure there is some trick shit they were trying on yours too, not sure what though.
Pro-tips:
Don't use SMS/Text for 2FA/MFA use an app like Authy/Google/Microsoft authentication, hardware key like Yubikey or a good secure email for a "one time password" (OTP). SMS is becoming a a liability and we are moving away from it for 2FA.
Check out Bitwarden as a password manager. Works pretty good, is open-source and you can use as a browser extension and on your mobile too if you want. Most of my passwords look like this now [CaRR#!6#B&okEMA]. The password manager feeds the site username/password and then you get a code to login. I am sure you already have to do this in other accounts/banks/etc. If your data to be leaked/breached, they still cannot get into your accounts.
Check if email your accounts have appeared in leaks or data breaches. https://haveibeenpwned.com/ You can also run your password through it to see if they have been compromised. You can pretty much assume they all have. That's why we need MFA/2FA.
Don't close accounts either. Often, they can simply be reactivated by the provider, they can also be reactivated by support is someone calls in with a fake sob story, or by answering you old security questions. Start by securing it with a new email/pw/MFA and get notifications of logins if possible. After a while, you should be good to disable or delete if you don't need it.
Brave new world ladies and gents, good luck!
Anything like biometrics that can be used as password for multiple accounts yet?
I always wanted to be a Terminator...
How safe is using Samsung fingerprint scanner with passwords generated by google?
Talk to me about this...(in layman terms, pls, I am an old fart here...).Quote:
Originally Posted by Eric P
#1 flaw of biometrics: When that shit gets hacked, it's pretty hard to make new fingerprints, eyeballs, or other physical traits. You're permanently screwed with a compromised "password" for life at that point.Quote:
Originally Posted by bellavite1
Ok, I see that...Quote:
Originally Posted by FoxtArt
Can other body parts be used for logging in? [Flower]
Here's how accounts get hacked, they either know you and you have a password based on your wifes or your dogs name and they get in to your account, or they hack a website and get the info needed to match up an email or username and a password that corresponds in which they then have to use that email and password combination at every bank and credit card company login until they find one that works, or they run a piece of software that runs random user names and passwords through a login interface on an online banking or whatever site until they come up with a match.
How do you combat this... You can break up your online use in to various categories such as your logins for online gun forums, vs online shopping sites, vs personal banking. At one time a professor wrote a paper on online security which came up with the whole must be 12 characters long, contain a letter number and special character and so on. This paper was based on combating the idiots that would use the name of their cat or dog and did not address the random password generator software in which if you have a phrase such a CoLoRado18!$ is no different than using reddogjumpup. The special characters and so on make no difference, basically the longer the password the more combinations of numbers letters and special characters the software has to run to break the password, the longer teh password the more time the hacker is wasting trying to figure it out. I think that I read that basically if you have a password over 15 characters long it wouldn't be worth the time for the random generators to mess around with.
For me I use 4 different passwords that are easy to remember phrases for myself that contain enough characters that a random generator would take too long to make it worth figuring out. My online forum and other BS sites use one password, my online shopping sites use another, my business logins use a third and my banking sites use a fourth.
Every year or two I change them. Have yet to have an issue.
The wrench in the whole thing is still the websites that are still living by the false idea that adding caps , numbers or a special character increase your security and require these things.