• randombullet@feddit.de
    link
    fedilink
    arrow-up
    16
    ·
    1 year ago

    That’s also assuming they used proper salts and a strong hashing algorithm.

    Also MITM and or phishing attacks are not super common but can also depreciate your common password very quickly.

    Always layered defense. If it’s not 1 thing, it could be another.

    Unique passwords are just one facet on a multi-layered security defense.

    • Blackmist
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      I think phishing is by far the most common way to get passwords.

      I saw a guy at work fall victim to one. Looks like it’s from some customer he knows, links to document on Office365 or similar, enter username and password and swearing because it’s “lost them”.

      I went, “What URL is that?”

      He looked at his screen for a second. “Fuck.”

      “How many passwords have you given it?”

      “My work ones and my bank ones.”

      “Better change those then, hadn’t you?”

      • Blackmist
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Or when they ask for the 2nd, 5th and 8th letters.

        Or have a max character length.