this post was submitted on 09 Oct 2024
826 points (99.9% liked)

Technology

59651 readers
2722 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] sugar_in_your_tea@sh.itjust.works 34 points 1 month ago (15 children)

I recently went through most of my accounts and randomized the username, with the thought here being to limit the likelihood of one site being compromised leading to accounts at other sites being compromised. I don't have to remember them due to using a password manager, so it's really no skin off my nose.

I'll use this as a reminder to everyone to improve your security. Some ideas:

  • use a password manager and use random usernames and passwords
  • have multiple email accounts, and don't use your "main" email w/ random signups - I use a simple mnemonic, like "-@domain.com"; so "me-shopping@domain.com" or "me-games@domain.com" so it's easy for me to remember, but unlikely for a lazy hacker to pwn other accounts (a lot of these are automated); my real email is "me@different-domain.com"
  • use 2FA if offered, even if it's stupid SMS or email based; having any extra step can deter an attacker

Sucks that people are targeting IA, I hope there isn't any lasting damage and that this is a simple defacement/DOS.

[–] Julien_catanese@lemmy.world 2 points 1 month ago (2 children)

I recently went through most of my accounts and randomized the username, with the thought here being to limit the likelihood of one site being compromised leading to accounts at other sites being compromised. I don’t have to remember them due to using a password manager, so it’s really no skin off my nose.

I’ll use this as a reminder to everyone to improve your security. Some ideas:

use a password manager and use random usernames and passwords
have multiple email accounts, and don’t use your “main” email w/ random signups - I use a simple mnemonic, like “<user>-<purpose>@domain.com”; so “me-shopping@domain.com” or “me-games@domain.com” so it’s easy for me to remember, but unlikely for a lazy hacker to pwn other accounts (a lot of these are automated); my real email is “me@different-domain.com”
use 2FA if offered, even if it’s stupid SMS or email based; having any extra step can deter an attacker

Sucks that people are targeting IA, I hope there isn’t any lasting damage and that this is a simple defacement/DOS.

thanks for the advices ! Would you recommend a particular password manager?

[–] sugar_in_your_tea@sh.itjust.works 7 points 1 month ago (1 children)

I like Bitwarden, largely because it's open source and audited by a reputable third party.

[–] Julien_catanese@lemmy.world 2 points 1 month ago
load more comments (12 replies)