[Noisebridge-discuss] email password cracked - what to do?
Gian Pablo Villamil
gian.pablo at gmail.com
Tue Sep 6 00:26:10 UTC 2011
I have a bunch of reasonably knowledgeable friends who have had their
accounts hacked, and it is almost invariably because they use the same
password on multiple sites. Once one site is cracked, it's like dominos
falling.
Usually the weak link was an online forum or e-commerce site, usually small,
home-made, self-admin'ed. All it takes is carelessness, and an intruder (or
heck, even the site owner fallen on hard times) has a list of email accounts
and passwords (to that site). Try the passwords against the email accounts,
facebook accounts, etc, and the hit rate is likely to be really high.
A good technique is to use complex root passphrase, with a systematic
permutation of it for every website you use. Even if the permutation is
predictable to a human, it will defeat automatic systems.
On Mon, Sep 5, 2011 at 3:41 AM, Frantisek Apfelbeck <algoldor at yahoo.com>wrote:
> Hi there!
> Several email accounts (yahoo) of my friends were compromised in the last
> few weeks probably due to the weak access passwords. I wonder if it is
> enough to log in and set a new stronger password and make sure that the
> internal info for access to different blogs, bank accounts etc which could
> be among the emails is secured = passwords changed etc.
>
> Is this the right way to go?
>
> Is there something else to do?
>
> Thanks a lot,
>
> Frantisek
>
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.noisebridge.net/pipermail/noisebridge-discuss/attachments/20110905/541b0cea/attachment-0003.html>
More information about the Noisebridge-discuss
mailing list