A really creepy thing just happened to me. A few years ago, a friend was going through a hard time, so I wanted to give her an anonymous gift to lift her spirits a bit. What I did, was buy her a game, create a dummy email account and then email her the log-in information so she could download the game and never know who it came from.
Just today, I received an email from that dummy account - somebody had cracked my recovery question and had accessed it. How they even knew of the existence of the account is beyond me, because literally the only thing it had only been used for was sending a single email to my friend giving her the details for the game. Apparently I'd also sent myself a test email, and that's how they got my email address. I checked on my dummy account, and it had been deleted.
It was no big deal. The account meant nothing to me, but it was really unnerving. What if it had been one of my primary email accounts? What if it had been Paypal or Amazon or Steam? I have so many accounts with a single password. It's a good password, numbers and letters and all that, but what if that guy went one step further and started dumping that same password into other accounts of mine.
Moral of the story - strong passwords + different passwords. Do it now!";
Just today, I received an email from that dummy account - somebody had cracked my recovery question and had accessed it. How they even knew of the existence of the account is beyond me, because literally the only thing it had only been used for was sending a single email to my friend giving her the details for the game. Apparently I'd also sent myself a test email, and that's how they got my email address. I checked on my dummy account, and it had been deleted.
It was no big deal. The account meant nothing to me, but it was really unnerving. What if it had been one of my primary email accounts? What if it had been Paypal or Amazon or Steam? I have so many accounts with a single password. It's a good password, numbers and letters and all that, but what if that guy went one step further and started dumping that same password into other accounts of mine.
Moral of the story - strong passwords + different passwords. Do it now!";
I'm so sorry you had to get spooked like that, but I'm really glad you posted this reminder. What Claine says it absolutely true. Your paypal password should not be the same as any other password you use, and the password for your email should also be 100% unique.
If you use the same password for every account online, cracking one means that ALL of them will be cracked and stolen. Make sure the most important ones are unique!
If you use the same password for every account online, cracking one means that ALL of them will be cracked and stolen. Make sure the most important ones are unique!
My advice to you is use multiple passwords. Yes, it's another thing to remember but let's say someone gets into your steam account, they will then have the ability to access your email and from there figure out every other account you have.
Even if you don't want to create a seperate password for every account, at least use something unique for email and paypal.
This video about password safety is worth a watch as well.
EDIT: Kim beat me to it again! But it's worth repeating.
Even if you don't want to create a seperate password for every account, at least use something unique for email and paypal.
This video about password safety is worth a watch as well.
EDIT: Kim beat me to it again! But it's worth repeating.
Yep. At first I wanted to just laugh it off. "Haha! Enjoy your dummy account!" but I got more and more nervous. So I downloaded a password manager, made myself a bunch of randomly generated passwords - and now I have a unique one for every site.
You guys just reminded me that I have been meaning to change my YouTube password, because it's not that strong.
Said and totally done.
Said and totally done.
Excellent 
Heimdall, that comic is one of the best ever.
You are on: Forums » Smalltalk » Password Safety
Moderators: Mina, Keke, Cass, Auberon, Claine, Ilmarinen, Ben, Darth_Angelus