• sugar_in_your_tea@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 month ago

    I recently went through most of my accounts and randomized the username, with the thought here being to limit the likelihood of one site being compromised leading to accounts at other sites being compromised. I don’t have to remember them due to using a password manager, so it’s really no skin off my nose.

    I’ll use this as a reminder to everyone to improve your security. Some ideas:

    • use a password manager and use random usernames and passwords
    • have multiple email accounts, and don’t use your “main” email w/ random signups - I use a simple mnemonic, like “<user>-<purpose>@domain.com”; so “me-shopping@domain.com” or “me-games@domain.com” so it’s easy for me to remember, but unlikely for a lazy hacker to pwn other accounts (a lot of these are automated); my real email is “me@different-domain.com
    • use 2FA if offered, even if it’s stupid SMS or email based; having any extra step can deter an attacker

    Sucks that people are targeting IA, I hope there isn’t any lasting damage and that this is a simple defacement/DOS.