Skip to main content

View Diary: Russian Hackers Steal 1.2 Billion Passwords - From Unknown Sites (13 comments)

Comment Preferences

  •  Never trust a site that limits your passwords (6+ / 0-)

    Any string of characters you can type on your keyboard will encrypt to a legal hash. Once encrypted, there's no practical way to tell whether the input string contained special characters or not. If a site doesn't let you use punctuation in your passwords, therefore, that strongly suggests that it is storing your passwords in plaintext, with no encryption. Don't ever use any of your regular passwords on a site like that.

    Really, though, everyone should just use a password manager like LastPass so there's no need for "regular passwords" anyway.

    •  free password manager: (2+ / 0-)
      Recommended by:
      Hey338Too, Cassandra Waites

      WordPad and NotePad on Windows, TextEdit on Mac.

      Open a document.

      Make an alphabetical list of the services, user names, and passwords.

      Give the document an absurd title, not "my passwords."

      Print a couple of copies.  Keep one where it's convenient, keep the other with your secure papers.

      Optionally, secure-delete the document on your computer.  Though, if baddies have infected your machine, you've got bigger problems to worry about.

      When you sign up for a new account somewhere, revise the doc accordingly.

      We got the future back. Uh-oh.

      by G2geek on Wed Aug 06, 2014 at 05:12:36 PM PDT

      [ Parent ]

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site