From: Darren Addy
On Thu, Aug 4, 2011 at 12:24 PM, John Sessoms <[email protected]> wrote:
How do you keep track of them all and still keep them secure?
If you have a reasonably good password (that contains at least one
number and special character) you can use that same one across
multiple sites/services with little to fear.
If you want to go one step further, then simply come up with a
convention in which you use your reasonably good password and then add
something site specific to the front or back (like last three letters,
"ckr" for Flickr, for instance).
I have done that using a reasonably strong password. I had two versions;
with and without special characters.
Some sites require special characters, some sites allow special
characters and some sites don't allow special characters.
Some sites still don't even allow/use mixed case passwords, only
lowercase characters.
But back at the end of 2010 my email address showed up on the list of
emails compromised when Gawker got their password file hacked. I didn't
even know I had a Gawker account.
I got an email from some group informing me, as a courtesy, that my
email and password for Gawker were on a list that had been published on
some hacker's forum.
The implication was that both my email address and the strong password I
was using for everything were compromised when the site was hacked. I
couldn't get any information from Gawker about what had happened and
ended up changing about a hundred passwords to make each of them a
unique strong password.
As it turned out, I did *NOT* have a Gawker account. Gawker allowed
someone else to use my email address to create an account on the site
without verifying it with me. The account was not mine and did not
contain MY password.
I had largely forgotten about that, but I still hope some day to repay
Gawker with interest.
-----
No virus found in this message.
Checked by AVG - www.avg.com
Version: 10.0.1390 / Virus Database: 1518/3809 - Release Date: 08/03/11
--
PDML Pentax-Discuss Mail List
[email protected]
http://pdml.net/mailman/listinfo/pdml_pdml.net
to UNSUBSCRIBE from the PDML, please visit the link directly above and follow
the directions.
