Submitted by LineChatter t3_127u2i5 in LifeProTips
Comments
misdreavus79 t1_jeh2qtr wrote
Glad someone else got the rant out first.
Damas_gratis t1_jegjk47 wrote
Thanks for that info, I always change my password sometimes monthly. I'm paranoid about losing my Google photos or any of my important information so I just make sure I keep changing my password lol
ledow t1_jegq23d wrote
Regular password changes are actually recommended against by most major cybersecurity and governmental security organisations. But that usually pertains to *enforced* password changes (e.g. every 60 days, etc.).
If your password was secure last month, it should still be uncrackable this month, and for every month going forward.
Damas_gratis t1_jegqqu2 wrote
I used my email during high school when I didnt have my own laptop so I fear that my email still is in their old computers they probably dont know the password tho
Fun times lol glad my email has survived this long
keepthetips t1_jefsb84 wrote
Hello and welcome to r/LifeProTips!
Please help us decide if this post is a good fit for the subreddit by up or downvoting this comment.
If you think that this is great advice to improve your life, please upvote. If you think this doesn't help you in any way, please downvote. If you don't care, leave it for the others to decide.
ledow t1_jegbiho wrote
As an IT guy, this annoys me.
Guessing your password is not "hacking". It literally should not be possible within the age of the universe.
If someone is in your email account, it's compromised. That's it, game over, start again. Same if someone is in your computer. No antivirus can "clean" your computer to the required standard to recover from that. It's like expecting that knife you just dipped in poison to be used in your gallbladder surgery next week just by wiping it on a tea-towel.
Nobody should know your password. You password should be IMPOSSIBLE to guess. Literally impossible. It's really not that difficult to do. You should have two-factor authentication. Any hint that someone has your managed to access your account should be treated by you shutting it down or - at absolute, bare, minimum for a casual email account that you don't care about - changing the password to a truly secure one, booting out all existing logins for it (there's always an option to "log out everywhere"), wiping all the settings, and implementing 2FA, and then immediately moving to a clean account and telling your contacts (who absolutely should ignore that email and check with you personally anyway!). That's the absolute, absolute, absolute, bare minimum.
Unauthorised access is compromise. Wipe the disk and start again from nothing.
But if you want to stop this ever happening - start using proper god-damn passwords, literally something that cannot even be read by someone who sees it quick enough for them to memorise it correctly.
If you can tell someone your password, and they can get even 80% of it right a few seconds later, then it's not secure.