In the past few months we've seen attacks on http://uk.reuters.com/article/2011/06/09/citigroup-breach-idUKN0912047920110609, http://www.bbc.co.uk/news/technology-12416580, the http://www.bbc.co.uk/news/world-us-canada-13740591, http://www.bbc.co.uk/news/world-us-canada-13587785, http://www.bbc.co.uk/news/technology-13394968, http://www.bbc.co.uk/news/business-13663814, and http://www.bbc.co.uk/news/technology-13642145. This doesn't even cover the fact that email accounts for high profile officials are http://www.bbc.co.uk/news/technology-13626104.

You might want to make sure that your Email password is different from the passwords you use on other websites, and in some cases it might help just to use a different user name on every website. Without an account name hackers who do have your password won't be able to log in very easily. You're still better off just using a different password every time though, and it doesn't need to be too complex. Just avoid words, and try to jumble the characters.

I think that's some good advice, but I won't take it because I'm too lazy to change the password of every single site I go to. Looks like I'm gonna get hacked!

My personal security svcks. I'm not overly worried about hackers. I'm a member of some random websites that don't matter, and if someone obtains my card details off Steam somehow, well, if they're really that desperate to steal all of my few cents, that's not going to bother me too much.

I just make sure that my email password is different. My other password has been unchanged for close to a decade now. I figure that if someone steals an account, I'll use my email to recover the account and start changing all my passwords. The sad part? Nobody has ever broken through. A hefty dose of common sense provides a lot of security by itself, even if I do use the same password on nearly every site.

Same. Sometimes I add an extra number on the end if I'm a little suspicious, but that's as far as I go password-wise.

I think that if hackers want to hack me, they will regardless if I change my password or not. However, there is NOTHING they would want from my online accounts. The only account that is different is my bank account, which I assume uses top grade technology for security. I've got this really cool handheld gadget which randomizes the passcode too!

And as for paypal, we only put money in the account just before purchasing something from e-bay, so right now there's only like 1EUR.

Goes to show that security isn't nearly as good as people might think it is. Anywhere. There was also a recent incident where a single British UFO nut hacked into the Pentagon, seemingly without much effort.

A special case. I doubt they'll be aiming for a bunch of average people like us.

My email password is different from my other passwords, and I have different usernames on several websites with a variation of the same password.

I won't do any banking online, I just don't trust it, It's hard enough for me to even buy anything online. The main thing for me is to be careful of which websites that I buy anything from...and there are only a select few that I trust enough to do that with.

I have unique passwords in the very few places that I'm at on the internet.

I don't really care about security anyway, there's no reason for anyone to hack my accounts so why should I worry?

To check your password's security (and for some advice on choosing passwords), go here: http://howsecureismypassword.net/

EDIT: And DEFCON wrote up a post for Data Privacy Day, but I can't be bothered digging it out this late at night.

"How secure is your password? Enter here:"

*enters password*

"Obviously, it's not very secure if you're willing to share it with strangers."

^

It's just like burglaries where if someone wants to break into a place they will eventually get in. The unfortunate thing about hackers is they can do it any number of times without having to worry about reprisal too much due to anonymity + foreign policies if they are out of the US. Unless it was a misprint in the article I read they caught those 3 people suspected of being part of anonymous then let them go without bail.

Pretty much svcks that people are firing sniper rifles at us from 1.5+ miles away without us being able to pinpoint them let alone capture them.

I'm surprised at how good l33tsp4k is at making your password more secure, add a series of random special symbols like /8&# at the and and its practically unbreakable.
Add to that the fact that I have different usernames pretty much everywhere I feel kinda secure as as I don't have anything worth stealing.

I have this bookmarked, maybe people will find it useful: http://www.makeuseof.com/tag/how-to-create-strong-password-that-you-can-remember-easily/

EDIT: personally, I don't follow it. =/

Is This Safe?

It is actually. I'm not harvesting passwords into an evil database. Of course that's exactly the sort of thing I would say if I were harvesting them. And it wouldn't be hard to do it: a couple of lines of code and I'd have all your passwords. Mwuhahahahahaa! But, to be honest, I don't know what I'd do with them. Make a cake perhaps.

The bit of code that does the calculations is done in JavaScript. And JavaScript is a "client-side" language. That means it runs on your computer – not on ours. No data ever travels from your computer back to the website. You can check this by loading up the webpage and then turning off your internet connection. You'll still be able to use the website to your heart's content.

However, for the super-paranoid among you, you could just type in something a bit like your password rather than your actual password. In fact, that's probably a good idea anyway. Just in case I'm lying.


From brute force attacks, yeah.

Meh problem with passwords is that most sites have a small maximum length.

Kaspersky came with a nifty password manager that runs off of my flashdrive. It makes passwords of random numbers and letters, and stores them for later use after I enter my master password when I plug in the flashdrive. I didn't notice how unsecured I was until I went to all of my favorite websites to change the password and saw that they were all the same.

I always choose passwords associated with the site or whatever, followed by a code of caps and numbers that are the same for all the passwords. So say you're signing up here at Bethesda, you pick bethesda, or oblivion, elderscrolls, fallout, anything like that all in lower case. Then follow that up with the code, like a National Insurance, a PO Box number old or current like SW195EE, or something rank like AREA51, made up of UPPER CASE and numbers. So you end up with bethesdaSW195EE, go to your email and you have gmailSW195EE, or googleSW195EE.

S'pretty good passwords and s'a good system. lol Never forgotten a password yet, across multiple sites and forums, some that I can leave for a year or so and return and remember the password. Just an idea if you ever do get around to changing passwords and are worried about forgetting them.

Edit: Essentially the site itself acts a reminder to the password, and the code is all you have to remember.

There is also http://keepass.info/, which also works as a password safe. Great program, and its password generator works very well too.

Too true. Sharing your passwords with anyone is a very bad idea.



Heh... That's exactly what I did. Super-paranoid? Eh. I prefer "It's not paranoia if they really are out to get you." :ph34r:


:P



I use different usernames for most things, this one is the only one I use in multiple places and then it's only for forum/Beth related stuff and Steam. Different passwords everywhere, of course.

Well Lulzsec announced they are coming after Bethesda or Zenimax on their Twitter. http://twitter.com/#!/LulzSec

Yeah I saw that. Well brink is the main target. They say within the next 24 hours.

Brace yourselves.

Apparently it's also too late at night to spell my name properly (though at least it is a very fitting misspelling)

http://www.gamesas.com/index.php?/topic/1162786-data-privacy-day/


Uhg.

My suggestion would be to temporarily switch your email address you used to the forum to something else. Also changing your password to something very long and very random would be a good idea (even if it means just mashing the keyboard in notepad and copy&pasting that into the login form) at least for the next little bit may be wise.

I'm not sure how much good that would do, it looks like they already got it: