Reply to post: Hash

620 million accounts stolen from 16 hacked websites now for sale on dark web, seller boasts

Lee D Silver badge


Surprised quite how many of them are using salted hashes (even if some of them are out of date).

I was honestly expecting a lot worse.

This is why you use a unique username/email and password for each site, and why you DON'T plug them into a password manager.

Buy yourself a domain. Use the "catch-all" functionality to make up any email address you like for each company, and either generate random passwords or only re-use passwords with same-level-of-access sites (e.g. if one dating sites has all your stuff, then another dating site sharing the same password gets them no more information than they've already got, but saves you having to remember/write down a million different passwords. Use a password for banking, one for accounts with credit cards, one with personal information, one for forum accounts, etc. and you only need a handful of passwords. Plus, if you use unique username/email combos then it doesn't really matter if your password gets stolen from one site - the same credential won't work on another because the username will be all wrong anyway).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019