Fwd: confirm 9a85e83e9531356d37cfd8581573d167b99c16f8
Steven Schveighoffer
schveiguy at yahoo.com
Fri Apr 11 05:18:39 PDT 2014
On Fri, 11 Apr 2014 08:01:33 -0400, Manu <turkeyman at gmail.com> wrote:
> Well I missed it apparently.
>
> I'm extremely shocked, and rather angry. This is my 'low security risk'
> password, but I do share my low-security password among a few sites (I
> presume this is common practise), and I'm quite unimpressed to find such
> a
> blatant disregard for my personal security and privacy from - of all
> things
> - a forum full of smart, talented, and experienced programmers!
> Now I have to change my password everywhere, and remember to remember a
> special one just for this one forum! >_< ... at least I know it'll
> remind
> me what it is if I forget!
If, after the last year of hacking, and the heartbleed bug, people are not
using password tracker/generators, you haven't learned anything :)
Every single one of my passwords is some random horrible set of
characters, that even I don't know. And I can change them at any time
without any worry of forgetting.
I use lastpass premium, $1/month. I started using it when a web site that
I created a user for, to comment *once* on an article, ended up having its
passwords stolen (in encrypted form), and I realized I had used the same
password as my bank, credit card, email, etc.
A good article on password managers:
http://www.pcmag.com/article2/0,2817,2407168,00.asp
As a bonus, I keep all kinds of info in my last pass vault, that I would
normally have to write down (like safe combinations, or key codes for
doors). It's really cool to have an infinite memory for infrequently used,
but very important things, that only I can access :)
They just updated their "challenge" tool to scour your passwords, tell you
which ones are for sites that were affected by the heartbleed bug, whether
those sites are now safe or not (including whether the certificate is new
or not), and whether your password predates them making their site safe
(so you should go change the password).
-Steve
More information about the Digitalmars-d
mailing list