Conquent: Without Limits
Conquent: Without Limits
Michael Bissell's Blog

So many accounts, so few passwords

2010-02-11 07:08:51
Shortcut URL: http://t.conquent.com/o800

Watching the Twitter stream this morning, I saw a couple notes go by from @chrisorourke:

Hmm looks like someone is hitting all of my online account password recovery tools. 17 texts in the last 10 minutes... about 3 hours ago from Seesmic

Looks like they didn't manage to break into any of my accounts. Nice try, Mr. Hacker. 5 minutes ago from web

DISREGARD THAT, I SUCK COCKS!!! 2 minutes ago from web

GOD DAMNIT, IT WAS PHONE!!! 2 minutes ago from web

Now, I'm not sure if that last post came from Chris or the hacker, but it sounds like he got hacked (cracked?) because someone had access to at least one of his email accounts -- that is, all they were doing was asking services to send login information to the email address on file, and once they got that, they were in.

This might not have been a big problem back in the day that we only had a couple passwords for a couple places. But now we a have couple passwords for multiple email accounts, Facebook, Twitter, flickr or some other photo share and a host of services that, in turn, tie into these things.

Most people I know only have one, or maybe two, passwords, so if you get the password to one account, you're in most of the other accounts. Changing those passwords regularly is almost impossible -- I have literally dozens of social media accounts out there, and I've set up logins on various bulletin boards or other information services that I don't even remember visiting. If I used my real email address and a repetitive password on all of those, then I just handed login info to OTHER sites to whoever runs that board.

I try to be careful and use an obscure Hotmail account and provide no personal information, but it's getting harder to avoid. Ping.fm and Google both have access to a LOT of my accounts. Maybe they don't have my passwords (well, Google does), but it effectively doesn't matter -- bad boy cracker gets into a master account like one of those, and he can spam dozens of websites simultaneously.

This is, in part, the cost of Joe Everyman wanting the spotlight. Everyone wants their voice to rise above the noise, but self publishing online is hard work. People get lazy managing multiple accounts, but when a hacker/slacker/code cracker gets in and uses your accounts for a moment of mental masturbation (why else are the fake postings always about sex?), it's not just the time recovering face, it's the time it takes recovering all those accounts...



Next
Rules are made to be broken -- in a reasoned, systematic way
Previous
The Dali Lama of Hillsdale


Kristen: Re: So many accounts, so few passwords
2010-02-12 15:42:58

One of the reasons I chose long ago to have a *source* for devising my passwords but keeping then all separate. I think right now only two accounts have the same password, and if someone *really* wants my Snapfish password, more power to them :)


Comment on this blog
Your name:


Your email (will not be displayed):


Subject


Message



Enter the text above to help us filter spam:


This article also appears on
Web Development