Has your email been hacked?
|
Collector of email addresses??
|
Quote:
|
Bell breach may have exposed over 1 million new email addresses to phishing and spam
CBC, May 17 ...And if you haven't already, check out Have I been pwned? for yourself. It's operated by computer security expert Troy Hunt — in other words, it's not some fly-by-night operation — and lets you see how many times your personal information has been leaked in previous data breaches affecting sites such as MySpace and LinkedIn. |
Quote:
|
Quote:
|
Quote:
|
Quote:
If you change your Password,set 2 step validation and even make a new security question you should be OK. D |
Unfortunately, most websites and services don't support two-factor authentication. The problems with the current poor security policies of many services and the way that users set up their security include:
Bill |
Quote:
3) For this reason, back in the early 2000s security expert Tom Simondi recommended to always give fictional answers to password-reminder questions (he used an "internet mother's maiden name" which was quite different from his real mother's maiden name). (If you are on a service which insists on real answers to those questions, move to another sharpish — they're clueless, or planning to sell that information, or both.) Nowadays, I treat password reminders as passwords, and use the same kind of highly-random sequences for both (and note them in my password repository). |
Quote:
|
Yeah I'm in so many leaks it's insane. Search "jarland@mac.com" for the fun of it.
These days it's not even a question of whether you'll be compromised if you sign up for a lot of internet services. It's about damage control. Using 2FA everywhere you can, using passwords designed to take impossibly long to crack by reasonable means. Unique passwords everywhere, never the same one twice. Rotate anything of importance regularly. A solid and locally controlled password manager is also key to surviving in today's internet. Now, I'll step down from the security pedestal that we nerds tend to get on for one thing. Your security should be relative to the value of the data behind it. Would I have an eye scanner on my shed where I keep only a broken down lawn mower? Of course not. If you honestly don't care who gets into it, and what's inside is of no consequence, don't perform security theater. You just do you at that point :) |
Quote:
Contributors to this forum please note. |
The thing I find about password reset questions is that you do need them eventually, so fake answers are bound to lock you out too! I've just had to go through all sorts of hoops for an elderly relative that can't remember anything anymore, but thanks to their password questions being decipherable to me (with some research) I was able to break into their accounts and save them from huge medical bills, etc., by being able to pay overdue invoices. A few years ago I had to go through the Google reset process and was just barely able to do it, thanks to having answered questions with real answers. So, this cuts both ways to me: it indicates that it is fairly easy to break into an account once you know a lot about a person, but on the other hand if you make it too hard to get in you will be locked eventually too! The thing is that some questions are pretty common, but how would a hacker know which question is used with which account? In other words, the make and model of my first car could be used on several sites, but even I do not know on which ones it was asked. How could a hacker use that information if they somehow obtained it? I suppose they could if they were targeting me and I was a high-value target, but I strongly suspect I am not (no money) and most of us are not so the effort required would be much higher than the reward.
|
All times are GMT +9. The time now is 10:08 PM. |
Copyright EmailDiscussions.com 1998-2022. All Rights Reserved. Privacy Policy