• sugar_in_your_tea@sh.itjust.works
    ↑ 9 · 3 hours ago

    I recently went through most of my accounts and randomized the username, with the thought here being to limit the likelihood of one site being compromised leading to accounts at other sites being compromised. I don’t have to remember them due to using a password manager, so it’s really no skin off my nose.

    I’ll use this as a reminder to everyone to improve your security. Some ideas:

    • use a password manager and use random usernames and passwords
    • have multiple email accounts, and don’t use your “main” email w/ random signups - I use a simple mnemonic, like “<user>-<purpose>@domain.com”; so “[email protected]” or “[email protected]” so it’s easy for me to remember, but unlikely for a lazy hacker to pwn other accounts (a lot of these are automated); my real email is “[email protected]”
    • use 2FA if offered, even if it’s stupid SMS or email based; having any extra step can deter an attacker

    Sucks that people are targeting IA, I hope there isn’t any lasting damage and that this is a simple defacement/DOS.

    • Pringles@lemm.ee
      ↑ 5 · 3 hours ago

      For e-mails, you can just get Firefox Relay with your own subdomain and generate infinite e-mail masks for $1 a month. I usually take “[email protected]” for example. It’s pretty great because you just make the masks on the fly.

      • Blackmist@feddit.uk
        ↑ 1 · 1 hour ago

        The email mask is free without a subdomain. I use it for the odd random signups where the only thing I’m really interested in is not having another nobhead add me to their spam lists.

        • Pringles@lemm.ee
          ↑ 1 · 15 minutes ago

          That’s how I used it initially as well, but chose to get a subdomain to identify shops and services that had data breaches/leaks, pass on the email to other shops and services, etc.

          And then I can just block that mask.
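
Added example (not part of any comment in this thread): one way to use per-service masks to spot which service leaked or passed on an address, by flagging mail that reaches a mask from a sender domain other than the service the mask was issued to. The registry, the `masks.example` subdomain, the function names and the sample messages are all constructed for illustration.

```python
from collections import defaultdict
from email import message_from_string
from email.utils import parseaddr

MASK_DOMAIN = "masks.example"  # hypothetical mask subdomain
# Constructed registry: mask local part -> domain of the one service it was given to.
ISSUED_TO = {"shop-a": "shop-a.example", "forum-b": "forum-b.example"}

# Constructed sample messages (headers only).
SAMPLE_MAIL = [
    "From: Orders <orders@mail.shop-a.example>\nTo: shop-a@masks.example\n\n",
    "From: promo@deals.unrelated.example\nTo: shop-a@masks.example\n\n",
    "From: noreply@forum-b.example\nTo: forum-b@masks.example\n\n",
    "From: win@notshop-a.example\nTo: shop-a@masks.example\n\n",  # look-alike suffix
    "From: friend@other.example\nTo: me@other.example\n\n",       # not a mask, ignored
]

def sender_matches(sender_domain, service_domain):
    """True if the sender is the service's domain or a real subdomain of it."""
    return (sender_domain == service_domain
            or sender_domain.endswith("." + service_domain))

def find_leaked_masks(raw_messages, issued_to=ISSUED_TO, mask_domain=MASK_DOMAIN):
    """Return {mask: [unexpected sender domains]} for masks that received mail
    from anyone other than the service they were issued to.

    Heuristic only: the From header can be forged, and a real deployment
    would key on the envelope recipient rather than the To header.
    """
    leaked = defaultdict(set)
    for raw in raw_messages:
        msg = message_from_string(raw)
        to_addr = parseaddr(msg.get("To", ""))[1].lower()
        from_addr = parseaddr(msg.get("From", ""))[1].lower()
        local, _, domain = to_addr.partition("@")
        if domain != mask_domain:
            continue
        sender_domain = from_addr.rpartition("@")[2]
        service = issued_to.get(local)
        # A mask that was never issued, or mail from a foreign domain, is suspect.
        if service is None or not sender_matches(sender_domain, service):
            leaked[local].add(sender_domain)
    return {mask: sorted(domains) for mask, domains in leaked.items()}

if __name__ == "__main__":
    for mask, senders in find_leaked_masks(SAMPLE_MAIL).items():
        print(f"{mask}@{MASK_DOMAIN}: consider blocking, seen from {senders}")
```
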

      • sugar_in_your_tea@sh.itjust.works
        ↑ 3 · edited 2 hours ago

        Yup.

        If you use the same email everywhere, they can try brute-forcing the password by using the email instead of your username. Give them less to go on. $1/month is absolutely worth it to prevent an important account from getting hacked.