Reddit locks out users with poor password hygiene after spotting 'unusual activity'

Thursday 10th January 2019 19:25 GMT Mage

Hygiene

I use proper bar soap and water on my passwords. These new fangled liquid soaps, alcohol wipes and disinfectant sprays are not as good.

Also I always apply a fresh password, I never re-use old ones. That would be like reusing condoms.

9 2 Reply
1. Thursday 10th January 2019 19:45 GMT Waseem Alkurdi
  
  Re: Hygiene
  
  Or to use a version appropriate for a less civil setting, like reusing old tissue paper.
  
  1 0 Reply
  1. Thursday 10th January 2019 20:38 GMT Mage
    
    Re: Hygiene
    
    Snort!
    
    3 1 Reply
2. Thursday 10th January 2019 20:59 GMT Andy Non
  
  Re: Hygiene
  
  Nah, you can reuse condoms, just remember to turn them inside out first.
  
  6 1 Reply
  1. Thursday 10th January 2019 22:55 GMT Anonymous Coward
    
    Re: Hygiene
    
    No, you grab them by the tip and you shake the fuck out of them.
    
    (careful with that joke... it's an antique)
    
    3 0 Reply
    1. Thursday 10th January 2019 23:16 GMT Waseem Alkurdi
      
      Re: Hygiene
      
      Vintage stuff usually has a high resale value.
      
      0 0 Reply
      1. Friday 11th January 2019 10:49 GMT W.S.Gosset
        
        Re: Hygiene
        
        As long as it has a high re-tale value.
        
        1 0 Reply
3. Saturday 12th January 2019 00:57 GMT JCitizen
  
  Hmmmm!
  
  Just how do they know users were reusing passwords from other sites? Hmmm? Is it their craptastic tracking spyware? If they were running a security app it would be different, but I'm not aware that they fit that definition!
  
  0 0 Reply
Friday 11th January 2019 00:16 GMT Barry Rueger

Death to passwords

I cannot say how many passwords and IDs are floating around for me, but it's at least in the dozens. The likelihood that I'll use a different password for every single one of them is zero. Even with Chrome of Firefox saving passwords, or one of the password manager things, it just isn't going to happen.

People have lives, and aren't going to do backflips to try and create multiple passwords to multiple sites, each of which wants some specific format and combination of letters, numbers, and emojis. It's just way to much hassle. Besides which invariably it's the junk sites that I likely will never visit again, or where I would never think of posting anything remotely valuable that want superduper, two factor authenticated passwords, while my friggin BANK only accepted uppercase letters starting late last year.

Yes, the truly important things in my life have big, complex passwords, but stuff like user forums don't because honestly it's just not that important to me. And besides, I'm a hardcore user of the "Forgot password" link.

The time has long since passed when we should have come up with something to replace passwords. They made sense thirty years ago when you might have one or two log-ins, but it's insane to try and use them today. Lecturing users about "hygiene" does nothing of value - it just irritates people who already know at least vaguely that passwords matter.

8 4 Reply
1. Friday 11th January 2019 10:31 GMT Baldrickk
  
  Re: Death to passwords
  
  I don't know about you, but my password manager tells me if I have any duplicate passwords in it, and in many cases gives me the option to create and update the new passwords with a single click (or in some cases, 0 clicks, as it can do it periodically as well)
  
  2 0 Reply
2. Friday 11th January 2019 12:08 GMT teebie
  
  Re: Death to passwords
  
  In the case of low-value sites that really have no reason to be asking me to login my password manager is to enter the site into bugmenot and copy across the first result.
  
  0 0 Reply
  1. Friday 11th January 2019 15:53 GMT DropBear
    
    Re: Death to passwords
    
    I can't remember when it was that BugMeNot last managed to successfully log me anywhere at all (but I'm pretty sure dinosaurs were still a thing). Probably because they are willing to honour "delist our site permanently" requests - any site that cares enough to force you to log in will have taken the time by now to request a delist.
    
    0 0 Reply
Monday 14th January 2019 18:21 GMT unclaimedoutsider

Use a password manager

People use weak passwords on Reddit because they don't care which is a bad way to think. The answer is to get a password manager and have make strong passwords for all your accounts. A password manager is the one thing that not only makes you more secure but also makes your life easier too. There is no excuse to not use one.

0 0 Reply