Question of the day
Tuesday, Oct 15, 2024 - Posted by Rich Miller
* ABC 7…
Tech experts at the website Hostingadvice.com say a new study shows that 43% of Americans have had their password hacked or compromised.
The reason? Mostly laziness. Experts say that more than 25% of people use the password 1,2,3,4 and almost a third of people don’t change passwords when they are prompted.
Always use strong, original passwords with numbers and characters.
Find a sentence that is special to you and add characters.
* The Question: Have any of your passwords ever been hacked? Tell us about it.
- lake county democrat - Tuesday, Oct 15, 24 @ 9:21 am:
Only once - Spotify - and for a couple of months afterwards Spotify kept recommending foreign hip-hop songs to me!
- OneMan - Tuesday, Oct 15, 24 @ 9:22 am:
Netflix, of all things, the way I found out was some strangeness in my viewing history (someone was watching shows in Italian). Easy enough to fix.
- @misterjayem - Tuesday, Oct 15, 24 @ 9:33 am:
“Have any of your passwords ever been hacked?”
The only times when a password of mine has been compromised was when the security of the websites was breached by hackers.
It’s happened many, many times and regardless of the strength of my passwords, there’s nothing that I can do about it.
(That our passwords are compromised in this way makes perfect sense — it’s much more efficient for cyber criminals to invest their efforts in cracking the security of a business’ servers (containing thousands of passwords and other personal data) than it is to try to crack my individual password. Success in the latter case yields a single victim, success in the former yields thousands. tl;dr- hacking is a volume business)
– MrJM
- Huh? - Tuesday, Oct 15, 24 @ 9:41 am:
Not that I am aware of. However, when I received a new PIN for my debit card, it was 1234. Called up the bank to reset the PIN. They thought it was funny.
- Anyone Remember - Tuesday, Oct 15, 24 @ 9:50 am:
MrJM - Same here. When working, the IT people said for 8 character passwords (CMS / DoIT RACF character limit I used in most of my passwords), mine were incredibly safe, but advised me about website hacks.
- ChrisB - Tuesday, Oct 15, 24 @ 9:53 am:
Probably.
But maybe it’s not the end users fault. Maybe its the proliferation of apps that companies, schools, kids activities, etc. require me to sign up for just to order pizza or see what time their game is. Maybe it’s because I have no less than 15 different logins to various single purpose apps, that I can’t possibly design a unique password for each and every one of them.
I’m so tired of being asked to download an app to do anything I used to do without a phone. If large corporations, who have entire teams dedicated to developing and maintaining an app, get hacked, how can I trust the little restaurant down the street to keep my data safe? It’s unsustainable.
/rant off
- Fav human - Tuesday, Oct 15, 24 @ 10:02 am:
I use a password manager.
I also use virtual credit cards for all online purchases, and turn them off
after the purchase.
So I’m reasonably safe.
- Friendly Bob Adams - Tuesday, Oct 15, 24 @ 10:11 am:
MrJM- Completely agree. Someone stole my personal email password by hacking the host company. So it wasn’t a case that my password didn’t meet a standard for complexity. They just stole everybody’s passwords.
- Ron - In Texas - Tuesday, Oct 15, 24 @ 10:16 am:
There are users that dont get the tech threats out there today. Also our password concept is broken. It was actually designed (mostly) by some NIST types 30+ years ago (you know 8 characters, upper, lower, a number, a special chrctr, etc).
Then change every X days.
We do it by sheer momentum. Password managers are great (most people dont use them) and the folks setting policies should really go to things like Pass Phrases, with longer durations “Mycatdoesntlikewheniringthedoorbell” for a year is actually way better than Pass,123 changed every 90 days to Ron,1234, then some other simple thing.
this is why you see so much two-factor auth (you sign in and it sends a text code to your phone) BEcause they KNOW the password system today is weak, but no one will really do anything about it, so they snap in this other stuff.
Sorry, just an IT Guy Ranting.
- Homebody - Tuesday, Oct 15, 24 @ 10:18 am:
Only once, when I was making a gag account on a message board and left it with a default “admin” password because I was distracted when setting it up. So again, laziness, as found by the article.
I use unique passwords for most services now, and just rely on the password saver on my physical computer to keep them safe.
It is funny how technology changes though. 20 years ago, if you left a password written down at your desk you’d be concerned someone could sneak into your office and steal it. These days, keeping your passwords written on a piece of paper in your office may be the safest way to maintain them.