Reply to post: Re: We encourage all customers not to use the same password for multiple sites

Transport for London Oyster system pulled offline after credential-stuffing crooks board customers' accounts

Test Man

Re: We encourage all customers not to use the same password for multiple sites

Agreed. I remember maybe two decades ago reading something about not ever using email addresses as the username for an account, because in doing so it means the attacker has at least 50% of the information needed to get into the account.

So it's such a pity that since then, in the name of convenience this is exactly what pretty much every website goes with.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2019