On Fri, 11 Apr 2014 08:01:33 -0400, Manu <turkey...@gmail.com> wrote:
Well I missed it apparently.
I'm extremely shocked, and rather angry. This is my 'low security risk'
password, but I do share my low-security password among a few sites (I
presume this is common practise), and I'm quite unimpressed to find such
a
blatant disregard for my personal security and privacy from - of all
things
- a forum full of smart, talented, and experienced programmers!
Now I have to change my password everywhere, and remember to remember a
special one just for this one forum! >_< ... at least I know it'll
remind
me what it is if I forget!
If, after the last year of hacking, and the heartbleed bug, people are not
using password tracker/generators, you haven't learned anything :)
Every single one of my passwords is some random horrible set of
characters, that even I don't know. And I can change them at any time
without any worry of forgetting.
I use lastpass premium, $1/month. I started using it when a web site that
I created a user for, to comment *once* on an article, ended up having its
passwords stolen (in encrypted form), and I realized I had used the same
password as my bank, credit card, email, etc.
A good article on password managers:
http://www.pcmag.com/article2/0,2817,2407168,00.asp
As a bonus, I keep all kinds of info in my last pass vault, that I would
normally have to write down (like safe combinations, or key codes for
doors). It's really cool to have an infinite memory for infrequently used,
but very important things, that only I can access :)
They just updated their "challenge" tool to scour your passwords, tell you
which ones are for sites that were affected by the heartbleed bug, whether
those sites are now safe or not (including whether the certificate is new
or not), and whether your password predates them making their site safe
(so you should go change the password).
-Steve