back to article Reddit locks out users with poor password hygiene after spotting 'unusual activity'

Some Redditors have been locked out of their accounts over a mysterious security problem that the internet forum's admins have blamed on people reusing old passwords. Precisely what has happened, or whether Reddit itself has suffered a hack or data breach, is not yet known, only that the website described it as a "security …

  1. Mage Silver badge
    Paris Hilton

    Hygiene

    I use proper bar soap and water on my passwords. These new fangled liquid soaps, alcohol wipes and disinfectant sprays are not as good.

    Also I always apply a fresh password, I never re-use old ones. That would be like reusing condoms.

    1. Waseem Alkurdi
      Angel

      Re: Hygiene

      Or to use a version appropriate for a less civil setting, like reusing old tissue paper.

      1. Mage Silver badge
        Coffee/keyboard

        Re: Hygiene

        Snort!

    2. Andy Non
      Trollface

      Re: Hygiene

      Nah, you can reuse condoms, just remember to turn them inside out first.

      1. Anonymous Coward
        Anonymous Coward

        Re: Hygiene

        No, you grab them by the tip and you shake the fuck out of them.

        (careful with that joke... it's an antique)

        1. Waseem Alkurdi

          Re: Hygiene

          Vintage stuff usually has a high resale value.

          1. W.S.Gosset Bronze badge

            Re: Hygiene

            As long as it has a high re-tale value.

    3. JCitizen
      WTF?

      Hmmmm!

      Just how do they know users were reusing passwords from other sites? Hmmm? Is it their craptastic tracking spyware? If they were running a security app it would be different, but I'm not aware that they fit that definition!

  2. Barry Rueger Silver badge
    Paris Hilton

    Death to passwords

    I cannot say how many passwords and IDs are floating around for me, but it's at least in the dozens. The likelihood that I'll use a different password for every single one of them is zero. Even with Chrome of Firefox saving passwords, or one of the password manager things, it just isn't going to happen.

    People have lives, and aren't going to do backflips to try and create multiple passwords to multiple sites, each of which wants some specific format and combination of letters, numbers, and emojis. It's just way to much hassle. Besides which invariably it's the junk sites that I likely will never visit again, or where I would never think of posting anything remotely valuable that want superduper, two factor authenticated passwords, while my friggin BANK only accepted uppercase letters starting late last year.

    Yes, the truly important things in my life have big, complex passwords, but stuff like user forums don't because honestly it's just not that important to me. And besides, I'm a hardcore user of the "Forgot password" link.

    The time has long since passed when we should have come up with something to replace passwords. They made sense thirty years ago when you might have one or two log-ins, but it's insane to try and use them today. Lecturing users about "hygiene" does nothing of value - it just irritates people who already know at least vaguely that passwords matter.

    1. Baldrickk Silver badge

      Re: Death to passwords

      I don't know about you, but my password manager tells me if I have any duplicate passwords in it, and in many cases gives me the option to create and update the new passwords with a single click (or in some cases, 0 clicks, as it can do it periodically as well)

    2. teebie

      Re: Death to passwords

      In the case of low-value sites that really have no reason to be asking me to login my password manager is to enter the site into bugmenot and copy across the first result.

      1. DropBear Silver badge

        Re: Death to passwords

        I can't remember when it was that BugMeNot last managed to successfully log me anywhere at all (but I'm pretty sure dinosaurs were still a thing). Probably because they are willing to honour "delist our site permanently" requests - any site that cares enough to force you to log in will have taken the time by now to request a delist.

  3. unclaimedoutsider

    Use a password manager

    People use weak passwords on Reddit because they don't care which is a bad way to think. The answer is to get a password manager and have make strong passwords for all your accounts. A password manager is the one thing that not only makes you more secure but also makes your life easier too. There is no excuse to not use one.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019