Hacker News new | comments | show | ask | jobs | submit login

And then one of the accounts' password is stored in plaintext and the database is leaked with the mail addresses and everyone can easily log in as you at 100 services.

Never, ever, re-used passwords for anything you value.




Except, as the comment you responded to suggested, you would use a different email for each service.


did you actually read what I was saying on the blog post or the comment??

Most people re-use not only the password, but also their email. This is the worst combination.

If you use an unpredictable, unique email address, and use a secure password. Even if it leaks on one site, the attacker has no easy way to predict what your email address is going to be on any other site without having access to the list of email addresses.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: