New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
A lot of PWned web services notification
chocolateshirt
Member
in General
Recently I received several email notification from websites that they have incident with unauthorized access, like ShopBack and MEGA, also asking me to reset the password. MEGA claim that many web services has been pwned.
Actually I rarely use those services. Do yo think I should reset my password?
MEGA - https://i.gyazo.com/2bb123e5b49cec834c1a892459ecfa77.jpg
ShopBack - https://i.gyazo.com/514404606901aed91c6e4ed4cdb3aef7.png
Comments
Why not?
I mean, setting a new random password and updating your password safe shouldn't be a big deal.
You are right, I will check my old account there..
While you're at it, use a different password everywhere. Take your pick at a password management tool, just avoid
passwords.txt
. I use a derivative of Bitwarden. It's like one of those paid services (eg: LastPass), but free and you can control the data.I've also started using email aliases with random vendors (eg: me+vendor@mydomain) - depending on your email provider this is an easy way to have many identities.
An added benefit is you can sometimes see who sold you out (eg: an advertisement sent to your vendor alias from someone completely different).
Devils advocate but I would suspect passwords.txt on Karen's desktop is less likely to get abused for a serious breach than a post it note on her monitor.
Of course, ideally procedures would be in place to encourage a password manager instead; but - baby steps.
I would imagine local files are more likely to be target for automated attacks - crypto locker and the like. Something in person is a lot more dangerous.
True, but I worry more about mistakenly destroying the file or simply losing track of it. Backing it up becomes a liability (was it encrypted? when?)
Every little bit helps though - baby steps like you said