To ask you to take responsibility for your own internet security?

[ElderlyKoreanLady]

Between having seen the list and the responses to Justine's thread, it's quite obvious that some people just don't grasp the very basics.

MN has been subjected to something that could happen to pretty much any site if the hacker is creative enough and I personally think they've handled it admirably. But they can't be responsible for an individual user's level of vulnerability.

Now, I'm not suggesting everyone learn how to set up VPNs and all that, but basic security is a must people.

Do not use the same password for everything.

Change passwords often.

Use complex passwords.

Use an email address that does not require your personal information to obtain.

How many threads can there be on this? It's taking up the whole page of active topics.

I would add to that that people should be very careful about what they share online. Many posters have said stuff like 'oh, I don't care if other people on MN/my friends/family know who I am online' while posting photos of their kids, houses, schools, cars etc etc.

As this episode has proved, it's NOT just MN/friends/family who know who you are and where you live because you've given up all your personal info online.

And for the love of god, stop responding to the 'what's your eldest DC's name?' type threads.

You don't have to read them Ilove, just as you're free to scroll past other threads that you find uninteresting.

I'm actually quite surprised that people think name changing regularly is a form of protection yet seem to have pretty weak Internet security in general.

Not much choice when there isn't much else to read

So what exactly is a complex password ? I try to do a mixture of numbers and symbols in a word that I will remember.

I don't have the same password for everything, do I need to change passwords anyway ? Or would it be a waste of time?

Thanks OP. I actually find it useful to have reminders like yours. I do all of the above, but still panic when something like this happens and wonder if I am being sensible. I am, but your checklist helps.

And yy to having lots of threads. I am a very regular reader of MN in the holidays but had still missed lots of other thread (cause I have stickies hidden, and some of the titles weren't very exciting!)

If it helps someone to keep safe its worth it

Also use your mobile where possible and not your desktop - its impossible to track IP addresses this way (I work on the field)

It's clear also that mnhq don't know the basics either, looking at their passwords!

Beryl RE passwords, a combination of random letters (upper and lower case), numbers and symbols is possibly the best password you could get. They can be difficult to remember, but I find that helps with the changing passwords often thing!

I use the app AnotherTime, for precisely that reason. Wish HQ would invest a bit of money developing it though.

I thought that too Chips...quite embarrassing for them really. But hopefully, a lesson learned.

I use the app AnotherTime, for precisely that reason. Wish HQ would invest a bit of money developing it though.
I see you know your stuff!
I agree, better than nothing I suppose

Yes, I do that then, and yes, also end up changing them because I can never remember them. I do have a list somewhere.

Dp says 3 random words with a mixture of lower and upper case and symbols are the strongest, so might just go through everything at some point and change it all.

Beryl I've changed several of my passwords today; I've used the first sentence of a chapter in a book, taken the first letter of each word, and put them in a line, then changed them to a mixture of uppercase and lowercase letters. I've also substituted numbers for letters, e.g. 3 for B, 1 for L, or 0 for O.

Might be a bit complicated but it's an improvement on what I was doing before.

Sorry but it isn't true that using lower/upper case letters and symbols makes a password better.

See here for a good example of how password security works.

xkcd.com/936/

Nonono, don't change passwords for the sake of it. Stolen passwords are generally exploited straight away, so if you've no reason to think yours had been nicked there's no benefit in changing it. It just gives you a bigger headache remembering yet another new password!

The other advice is much better though and I've posted some more, including recommendations on password generation methods, on the other big long AIBU thread about the hack.

YANBU
You have a very good point. Some of those passwords were really pathetic.

Don't use your children's names or dates of birth.
Don't use a recognisable word or consecutive numbers like 'password' or '123'

For complex a password that you can remember easily choose a song title and then take the first letter of each word. Mix in some symbols and numbers (like a friend's phone number in reverse).

For example 'I'm forever blowing bubbles' becomes IFBb£&698684

Regularly change your passwords over all your accounts and NEVER use the same one for all of them.

The little shit hacker will be harvesting IP addresses so don't click on the list if you don't know how to protect yourself. Try using Tor to protect your identity.

If you have to write down your password do it in reverse order.

Tbh it doesn't matter how complicated your password is if been put online in black and white.

Having a complex password protects you in other scenarios Rainbow

no matter how difficult or easy passwords are to guess, if MNHQ doesn't invest in tight security control, they will keep on getting hacked.
Not sure what they are doing about it (they may have said, but probably missed it) but they must use some more sophisticated technology to prevent this from happening again

I try to have different passwords for everything but that leads to me forgetting which goes with which website. Plus a lot of websites use your email as your id, after changing all the passwords I can remember today I know I'd need at least a dozen different user names/emails/passwords and I'd never remember them all.

I do now have separate email addresses for social media so hopefully that will help.

It's times like this that I hate the way almost everything is done online. Yes it's a massive time saver being able to buy anything you can think of online and check bank accounts / pay bills from home but it also makes you vulnerable to having personal details stolen.

Could write the passwords down in a little book ....

Yeah I have my passwords written down, I think I am much more likely to be hacked than have the little book - or in my case the back of an envelope stolen.

Handy to see password tips, thanks for posting them. I am pretty sure mine are all pretty safe. They are pretty random to anyone other than me anyway.

paper is still available :)