Let's talk about passwords - X Nations
      
      
Go Back   X Nations > X Nations > General Webmaster Business and Discussions

Reply
 
Thread Tools Display Modes
Old 01-04-2008, 10:45 AM   #1
Cyndalie
Cyndalie is not it.
Marketing Director / SEO
 
Cyndalie's Avatar
 
Join Date: Aug 2002
Location: Philadelphia
Posts: 2,334
xBucks: 76,824
Send a message via ICQ to Cyndalie
Default Let's talk about passwords

I've been half watching the nats debacle unfold and some thoughts about passwords came to mind. Let's play "what if" and "who's to blame"...

What if a major board had a database hack and the usernames, passwords, and email addresses all got leaked. Now, what if you use that same username and password for everything from other boards, to your ebay account, your epassporte account, your bank account, etc. What if because of the information leak someone just guessed to try those user/passes in places other than the point of origin, and they worked, and your shit gets messed up, you lose money, etc.
Who's to blame? The board that got hacked for bad security? The hacker? The person who leaked the information? Or your dumb ass for using the same username and password for everything you do online?

With that in mind, how many username and password variations do you use on a daily basis?
__________________


Hardcore, Blowjobs, Gay, Wives, Lesbians, Gangbang, Movies, Tranny, Interracial, Teen....
16 Sites, $35 PPS/ 60% Revshare :: Capitalize on Experience
Cyndee - Director of Marketing & SEO
Cyndalie is offline   Reply With Quote
Old 01-04-2008, 11:02 AM   #2
Mr. Plow
Mr. Plow should edit this
Mr. Plow
 
Mr. Plow's Avatar
 
Join Date: Dec 2007
Location: Vancouver
Posts: 127
xBucks: 2,670
Send a message via ICQ to Mr. Plow
Default

My Paypal account got hacked, probably because I was a dumb-ass and used the same password for almost everything and then one of the less secure sites got hacked. Ultimately no harm was done, but after the experience I figure that everyone's responsible for themselves, for being careful with their own info. I now have different passwords for everything and change them about once a month (which may be excessive, but I figure better safe than sorry:P)
__________________
Mr. Plow, that's my name.
That name again is Mr. Plow.
Mr. Plow is offline   Reply With Quote
Old 01-04-2008, 01:58 PM   #3
Mr. Plow
Mr. Plow should edit this
Mr. Plow
 
Mr. Plow's Avatar
 
Join Date: Dec 2007
Location: Vancouver
Posts: 127
xBucks: 2,670
Send a message via ICQ to Mr. Plow
Unhappy This isn't good

Speak of the devil: I just saw online that Too Much Media had a security breach and a ton of email addresses of people who had signed up for adult sites were stolen, apparently for spam purposes. No credit card information stolen, apparently, but it's still pretty scary and could make it harder to sell adult content. Yeesh!
Link
__________________
Mr. Plow, that's my name.
That name again is Mr. Plow.
Mr. Plow is offline   Reply With Quote
Old 01-04-2008, 02:37 PM   #4
Panky
Panky is the Queen of Mean
Moderator
 
Panky's Avatar
 
Join Date: Nov 2002
Location: Montréal
Posts: 4,780
xBucks: 42,022
Send a message via ICQ to Panky Send a message via AIM to Panky Send a message via Yahoo to Panky
Default

All of my sponsors, I have different user/pass combinations for. My banking info, ePass, PayPal, and the likes, all those login details are completely unique. Nothing important matches anything else. Email and FTP passwords are all different as well. Nothing is stored on my computer or external drives either.

It's our own responsibility. We have no control over the places we enter user/pass combinations, enter credit card details, banking info, use debit cards, and the likes. Both in the offline world and the online world. We can only limit our liability should something happen where security is breached and personal information is accessed. We accept that their is some level of risk when we live in a society catering to convenience as well as when we chose to work online, bank online, and purchase items online. People have to take measures to protect themselves first.

The hackers and the sites and/or companies they hack into aren't free from blame either, but it is as much our fault as theirs if we failed to do our part to minimize the damage first.
Panky is offline   Reply With Quote
Old 01-05-2008, 09:44 AM   #5
Relentless
Relentless should edit this
TheTongue.net
 
Relentless's Avatar
 
Join Date: Feb 2007
Location: www.TheTongue.net
Posts: 246
xBucks: 2,702
Default

Excellent post.

Also, on the paysite owner side, why don't paysites all allow punctuation in passwords? The vast majority of brute force scripts use letters and numerals only. Adding a semicolon or tilde or exclamation point to your password makes it exponentially harder to crack.... yet many paysites don't allow punctuation in usernames and passwords.
__________________
Relentless is offline   Reply With Quote
Old 01-07-2008, 10:52 AM   #6
Platinum Chris
Platinum Chris should edit this
Runs with Scissors
 
Platinum Chris's Avatar
 
Join Date: Nov 2004
Location: Toronto
Posts: 380
xBucks: 4,412
Send a message via ICQ to Platinum Chris Send a message via AIM to Platinum Chris Send a message via MSN to Platinum Chris Send a message via Yahoo to Platinum Chris
Default

I believe today, that if something like that were to occur, blame has to be placed both on the users as well as teh databaser owner.

I use different passwords for many different things. Generally on forums, it generally is fairly simple.

When it comes to bank sites, paypal, etc, really, anything to do with money, its very complex.
Basically, I have a string I use, and I code in 2-3 items differently for each site. It keeps it easy for me to remember, and if one of them gets hacked, they can't get into the others.
__________________
ICQ 452-693-563

Adult Rental Cash - VOD - $35 PPS or 35% RevShare
Platinum Feeds - 4,000 S8t, 500+ Gay Full-Length DVD Feeds. Contact me for your FREE 2 week trial!
Platinum Chris is offline   Reply With Quote
Old 01-07-2008, 01:16 PM   #7
Cyndalie
Cyndalie is not it.
Marketing Director / SEO
 
Cyndalie's Avatar
 
Join Date: Aug 2002
Location: Philadelphia
Posts: 2,334
xBucks: 76,824
Send a message via ICQ to Cyndalie
Default

Let's say Xnations got hacked andyour user/pass here was compromised. I think Xnations liability ends at protecting your account at this site though, not if you use the same user/pass at ebay, paypal, etc and those accounts get compromised too. See what I'm saying?
__________________


Hardcore, Blowjobs, Gay, Wives, Lesbians, Gangbang, Movies, Tranny, Interracial, Teen....
16 Sites, $35 PPS/ 60% Revshare :: Capitalize on Experience
Cyndee - Director of Marketing & SEO
Cyndalie is offline   Reply With Quote
Old 01-07-2008, 01:45 PM   #8
Panky
Panky is the Queen of Mean
Moderator
 
Panky's Avatar
 
Join Date: Nov 2002
Location: Montréal
Posts: 4,780
xBucks: 42,022
Send a message via ICQ to Panky Send a message via AIM to Panky Send a message via Yahoo to Panky
Default

Quote:
Originally Posted by Cyndalie View Post
Let's say Xnations got hacked andyour user/pass here was compromised. I think Xnations liability ends at protecting your account at this site though, not if you use the same user/pass at ebay, paypal, etc and those accounts get compromised too. See what I'm saying?
Yes. The liability ends at the site that got hacked. It becomes the users fault if they used that same user/pass for other sites and it happened to be discovered and those accounts got accessed as well.

For example, if XNations got hacked and the database became compromised, XNations isn't responsible for if people got their Medium Pimpin' account accessed, their GFY account, or their Netpond account. XNations is only responsible for it's own security, what they can control. They aren't responsible for sites they have no control over. It becomes the users fault for using the same user/pass for multiple accounts.
Panky is offline   Reply With Quote
Old 01-07-2008, 10:53 PM   #9
Mr. Plow
Mr. Plow should edit this
Mr. Plow
 
Mr. Plow's Avatar
 
Join Date: Dec 2007
Location: Vancouver
Posts: 127
xBucks: 2,670
Send a message via ICQ to Mr. Plow
Default

That's very true, but I think to a large extent the question of liability is mute. My Paypal account got hacked, probably because another site I signed up for using the same user/pass got hacked. It's pretty easy to check all the major sites as well as logical others as mentioned above (if you're in one adult chat forum, it's a good guess you're in a couple others). After that experience, the lack of help I received afterwards and most of all the fact that I'll probably never know what other site was hacked to begin with, I err on the side of caution and figure I'm on my own for security. Phew, that was a long sentence!
__________________
Mr. Plow, that's my name.
That name again is Mr. Plow.
Mr. Plow is offline   Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Forum Jump

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
vBCredits v1.4 Copyright ©2007 - 2008, PixelFX Studios
2013 - xnations.com
All times are GMT -4. The time now is 10:15 AM.
Skin by vBCore.com