this post was submitted on 26 May 2025
560 points (96.2% liked)
Cybersecurity - Memes
It pisses me off that so many companies store a database of X number of your old passwords in the first place. Like, fuck off twerps, I probably still use those old passwords for at least 20 other logins. When your shitty database is compromised I now have to worry about all of them.
I mean, that's true if you reuse your passwords instead of using a password manager that can generate random gibberish... Which is itself a very poor habit exactly because of this very fact?
Even assuming a company follows best practices (a bold assumption that is wholly inconsistent with reality) there's ALWAYS a possibility of a breach - and it's not if, it's only when.
So, everyone should be using a password manager by default.
I like to use KeePassXC personally because it's fully under my control. I don't really care for ones that are hosted by 3rd parties because that introduces more risk if they get breached, but for many people that's fine; it's more convenient for the user. To me it's important enough that I manage it all locally.
And an email mask. Life is easier if you can reset a password and change your email after a breach and have the old email disabled and disappear.
Agreed!
The pain with email maskers is when a service doesn't accept the email as valid... I have 2-3 I use. I start with Blur (Abine/IronVest, whatever you call it these days) and if it doesn't work I go to my bench warmers.