web stats

Another Website Passwords Dumped, What To Do Now?

Quite recently Youporn Chat user’s passwords were posted on pastebin thanks to their dumb security policies (blame the coder). According to this blog it was an accidental discovery by some horny idiot who just wanted to see something special.

You Porn chat

I am not going to bother explaining other bits because it’s already been discussed on various blogs, what I am going to discuss about is the passwords used by the users. I know it’s hard to create a secure password from time to time and I know it’s even harder to keep them safe but using the same password for all other accounts is just asking for trouble.

The reason being, almost all the websites you see can be hacked any moment, regardless of how secure they look, someday they will be cracked and your personal information stored in it will get used.

But there is safety in numbers isn’t it? I am sure no hacker would be fast enough to go through the list fast enough?

Wrong, you take the list dumb, you import it in the Mailing List checking software, it will check if the e-mails exist and remove the dummy ones. Then you can sort the addresses by the company, in this case Yahoo.com.

Then if you’re a capable hacker or just a decent scripting guy you can automated checking of the logins by using browser Macro’s. It will check account and you will only have to enter the security code.

These steps can be repeated time after time, plus once they have your e-mail they will Google for connected accounts and will try to login those accounts. In short, if you’re using the same password for everything, you’re screwed big time.

Moving on, what if the guy isn’t bothering with passwords? Well, then he can add you to his mailing list and send you spam and even make a list of the working e-mails and sell them.

I am sure they are other ways to use your information, phishing and Identity fraud comes to mind. But we’re all forgetting something, most of these hacks are published on the Web, we know because someone is bragging about what he did or some guy just decided to have fun with it but what if someone hacked these websites and just took the data.

On the Internet working e-mail addresses are a high value target, it can be used by Internet Marketers to get you in their program and it can be used by Phishing websites to send you fake messages and get you in more trouble.

But enough with scary story, the real question is HOW CAN WE PROTECT ourselves from this mess?

I am glad you asked this question, by using a password manager like Last Pass. That’s it. I used to bitch about using something like that but trust me it’s a life saver. It generates passwords for me and it remembers it as well and on the plus side each website has a unique password, so if something gets compromised my other accounts are safe.

Combined that with some discipline and some life training (checkout the Infinite Successes program) you could easily prevent something going wrong, look we can’t really control anything but it’s better to be prepared ahead of time.

So, just take two steps in the right direction and I am sure you wouldn’t have to worry about having your passwords stolen. Sign up for the newsletter to get more hidden stuff.

 

Leave a Reply