this post was submitted on 27 Oct 2023
1291 points (98.0% liked)

Memes

45329 readers
2845 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
gary_host_laptop@lemmy.ml
sexy_peach@feddit.de
cyclohexane@lemmy.ml
cypherpunks@lemmy.ml
1291
Add-on: same password, same identity. (lemmy.world)
submitted 11 months ago by woshang@lemmy.world to c/memes@lemmy.ml
172 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] newIdentity@sh.itjust.works 8 points 11 months ago (9 children)

Not really though. Once the password has been leaked, it needs to be cracked. And that usually doesn't happen when the password is strong enough.

Except the password wasn't hashed but then the company belongs to get sued to bankruptcy

[–] randombullet@feddit.de 16 points 11 months ago (4 children)

That's also assuming they used proper salts and a strong hashing algorithm.

Also MITM and or phishing attacks are not super common but can also depreciate your common password very quickly.

Always layered defense. If it's not 1 thing, it could be another.

Unique passwords are just one facet on a multi-layered security defense.

[–] willworkforicecream@lemmy.world 3 points 11 months ago (2 children)

Yep. Once I hit the password recovery link for a website and they emailed me my old password to me in plain text.

[–] Blackmist@feddit.uk 2 points 11 months ago

Or when they ask for the 2nd, 5th and 8th letters.

Or have a max character length.

[–] newIdentity@sh.itjust.works 1 points 11 months ago* (last edited 11 months ago)

Holy shit that's bad. I hope that was more than 5 years ago. They would actually deserve bankruptcy

load more comments (1 replies)
load more comments (5 replies)