Quote:
Originally Posted by gottabekd
If I wanted to steal a bunch of people's email accounts, the easiest way would be to acquire email addresses/passwords for another service, then check if they used the same password for their email account. It wouldn't be surprising to me if >50% of people use the same password across most online services they sign up for.
That seems like a pretty simple attack vector. You might want to consider what sites you have been registering at recently, and if you might have used the same password as your email account. To prevent this type of attack, try to use a different password for different sites. Or, at least a different password for your email address from your "everyday" password.
|
This is pretty much what I do. If I am signing up to Bob's House of Abortion Photos, I use an email address that has nothing but spam going to it and use a 'generic' password. Sure if someone broke through his 25cent security, they would technically have the username and password to maybe 20 or 30 sites I might be a member of, if they could guess them. Even so, if suddenly lose access to my account for
www.freefunbagwallpaper.com, or my account on the
www.conspiracytheories.com message board is hacked who cares?
Too many passwords that are too hard to remember is a liability. Just make sure the important ones, like your CP account, are protected by unique passwords, especially if they link back to a mail account which essentially would contain all the information about you.
This of course assumes that this was a password based attack. There are vulnerabilities in every piece of software and every piece of hardware out there. The only way to totally secure a computer is to disconnect it from the internet and throw it down a hole 100m deep, then fill it with concrete.
Imagine checking your email on that!
edit: I am surprised one of those fake links worked. Unfortunately it wasn't the one that would have made my afternoon in front of the computer a little more interesting.