Warning: change your password please!

[holbob]

I know, right. They knew my name and seemed really genuine. Even knew I was having problems with my internet. Hopefully after I gave them my credit card details, they will get back to me in three weeks like they said they would with an update. *fingers crossed*

We should check forum members accounts haven't been compromised by asking them questions based upon past known behaviours.

Hey John! Would you like a free chinese Class D chip amp?? You could use it exclusively for the treble frequencies for your speakers!

 

[tomtoo]

Size matters

 

[testp]

weirdly, revel and jbl websites are inaccessible..

Secure Connection Failed
An error occurred during a connection to www.revelspeakers.com. Peer’s Certificate has been revoked.

strange things are happening

 

[Piere]

What do you suggest, writing them on a notepad and putting in a drawer?

Seriously, if you have a unique password for every site, then you aren't going to remember 10+ login passwords (presuming they are decent passwords).

Written down passwords are not handy anyway for daily logins. But if you want written secret plain text secret, there is a free simple quite old but very handy tool that always works with any Win PC without any installation: https://sourceforge.net/projects/locknote/

 

[Labjr]

Oh no! This is becoming a weekly issue all around the internet.

Any chance you'll be able to use passkeys in the near future rather than passwords?

I already use Passkeys on a couple web sites. I do wonder if it's bullet-proof. I had to log in to Best Buy with a password to create a Passkey. So someone may still be able to log in with a password if you don't use 2FA. Will constant updates be required to stay ahead of the hackers? People tend to be lax with updates. We probably won't find out how secure it is or isn't until everyone is using it. It doesn't work with IOS 15 so I won't be able to use my old iphone 6S plus to authenticate.

 

[Chrispy]

I've never used a "strong" password at all for fora, not been taken advantage of yet in many years of doing this. The fora passwords have no relation to my more secure passwords or other accounts tho, so I've always taken the attitude they can maybe do something in the fora but there's not much to be gained there.

 

[Mosquito]

Hello everyone. Found three accounts today that were hijacked and spam posted under their alias. Maybe it is coincident but just to be on the safe side, please change your ASR password as soon as you can.

Thank you.

done

 

[Steve Dallas]

It is not the first time LastPass was breached. I have since long stayed away from LastPass. Better to Use KeePass or something similar and store the passwords offline. https://keepass.info/

I recently engaged a white hat security consultant to pen test our network at work. He hacked into our security manager's laptop, replaced his KeePass executable with a hacked version, and gained access to the admin passwords for nearly everything on our network. He left his report on the desktop of my laptop instead of emailing it to me. Needless to say, we no longer allow KeePass. He recommends BitWarden.

 

[Vive la dissonance!]

If you had used the german version passwort, he never had a chance.

Paßwort, bitte schön.

 

[Emlin]

Damn, I'm running out of space for tattoos...

 

[testp]

Damn, I'm running out of space for tattoos...

you can always use them reversed.. problem will be with pswrds like otto, abba and such..

 

[sofrep811]

Didn't see the SPAM. Is the Purpose of this kind of SPAM to get a product in your head or nefarious? I'll never understand the SPAM where folks are shilling a widget. It's lower than cold calling someone to buy encyclopedias.

 

[Somafunk]

I use the inbuilt iOS password creator/manager for iMac/iPad and iPhone, not had any notifications of a breach or notice to change for this site but I have had to change my Twitter password twice in the previous 2 months, likely due to Elon the dick sacking 70% of the staff.

 

[amirm]

Didn't see the SPAM. Is the Purpose of this kind of SPAM to get a product in your head or nefarious? I'll never understand the SPAM where folks are shilling a widget. It's lower than cold calling someone to buy encyclopedias.

The main use these days is to link to a site which as a result, causes Google to rank them higher in search results. But they also try to sell stuff.

 

[ibenjamin]

Thank you for the heads up. So annoying. Password changed. Don't they understand we are just trying to have fun with our favorite hobby here?

 

[JPA]

What do you suggest, writing them on a notepad and putting in a drawer?

Seriously, if you have a unique password for every site, then you aren't going to remember 10+ login passwords (presuming they are decent passwords).

I tried a couple of password managers but found them too cumbersome. Now I just use a plain old Word document on my Windows system. The file system is NTFS, so I can encrypt the file. If you don't use NTFS I believe you can still use bitlocker, but I'm not sure.

 

[DuncanDirkDick]

I tried a couple of password managers but found them too cumbersome.

Self hosted bitwarden instance works well for me and integrates well to mobile and desktop.

 

[beefkabob]

I love me some Lastpass. Just have a seriously long master password and you'll be fine no matter what. Using a different email address or login for most websites is pretty helpful too. I have a bajillion attempts to hack my business wordpress, and they're all the wrong logins attempted by scripts. I have gotten hacked before, but only because of flaws in wordpress itself, which no password program can stop.

 

[Blumlein 88]

I love me some Lastpass. Just have a seriously long master password and you'll be fine no matter what. Using a different email address or login for most websites is pretty helpful too. I have a bajillion attempts to hack my business wordpress, and they're all the wrong logins attempted by scripts. I have gotten hacked before, but only because of flaws in wordpress itself, which no password program can stop.

So they have been hacked, twice, and you still stick with them? I'm am not sure I understand that thinking.

 

[Piere]

I tried a couple of password managers but found them too cumbersome. Now I just use a plain old Word document on my Windows system. The file system is NTFS, so I can encrypt the file. If you don't use NTFS I believe you can still use bitlocker, but I'm not sure.

Same here! Didn't find an easy peasey lean and mean pw manager up to now other than the build in of Firefox. If you want to encript you can use Locknote already noted: https://www.audiosciencereview.com/...hange-your-password-please.41087/post-1453670 It's a selfcontaining executable you can store on a USB sticky at wish.

But whatever measures you take, it does not prevent you from hacked other sites containing you credentials. So thanks Amir for the warning anyway!