“the internet is bad and emotions prevail there” maam do you have any idea how big the internet is? youre seeing a singular port and saying its the entire ocean

and dont get me on the cybersecurity and electronics ones

“use a strong password” whats that gonna do if the database gets pwned, sandra? or if you get pwned by a 0click 0day

“blue light is bad for you” LOL

  • tal@lemmy.today
    23 upvotes · 16 hours ago

    “use a strong password” whats that gonna do if the database gets pwned, sandra?

    Strong passwords aren’t intended to simply protect against brute-forcing a password via trying to authenticate repeatedly, but also to help protect against brute-force attempts to obtain passwords from a compromised password database using a dictionary attack, the scenario you’re describing.

    Typically — if an authentication system is storing its password database competently — the password shouldn’t be stored in plain text. Instead, the password will be salted (to avoid rainbow table attacks) and then hashed via a cryptographic hash. The password database entry will look something like a tuple of (username, salt, salted hashed password). If the password is a strong one, it will be computationally-hard to obtain the plaintext password, even if someone has the salt and the salted, hashed password.
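
Added example, not part of the thread: a minimal Python sketch of the (username, salt, salted hashed password) storage described in the comment above, with an audit that runs a dictionary over a "leaked" table to show which records fall. The wordlist, accounts and iteration count are constructed for the demo, and it uses PBKDF2-HMAC-SHA256 (a deliberately slow key-derivation function) rather than a single bare hash.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny wordlist standing in for a cracking dictionary.
WORDLIST = ["123456", "password", "qwerty", "letmein", "pokemon2000"]

# Assumed work factor for the demo; real deployments tune this to their hardware.
ITERATIONS = 200_000

def make_record(username, password):
    """Build the (username, salt, salted hash) tuple stored instead of the password."""
    salt = os.urandom(16)  # unique per user, so one precomputed table cannot cover everyone
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return (username, salt, digest)

def verify(record, candidate):
    """Login check: recompute with the stored salt and compare in constant time."""
    _, salt, digest = record
    trial = hashlib.pbkdf2_hmac("sha256", candidate.encode(), salt, ITERATIONS)
    return hmac.compare_digest(trial, digest)

def audit_leaked_db(records, wordlist):
    """Offline dictionary check against a leaked table.

    Every guess costs a full key derivation per record, because each salt differs.
    Returns {username: recovered_password} for the records that fall.
    """
    recovered = {}
    for record in records:
        for guess in wordlist:
            if verify(record, guess):
                recovered[record[0]] = guess
                break
    return recovered

def build_demo_db():
    # Constructed accounts: two users share a weak password, one uses a long passphrase.
    return [
        make_record("alice", "pokemon2000"),
        make_record("bob", "pokemon2000"),
        make_record("carol", "vessel-corona-mushy-tablet-unfrozen-39"),
    ]

if __name__ == "__main__":
    print(audit_leaked_db(build_demo_db(), WORDLIST))
```

The two weak accounts are recovered even though their salts and stored hashes differ; the long passphrase survives because it is in no wordlist, which is the part a strong password contributes after a breach.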

    • IAMgROOT@lemmy.wtf (OP)
      1 upvote, 2 downvotes · 16 hours ago

      I know using a strong password is important, but thats the bare minimum. this is more directed to the people who think strong passwords are the grail and will LITERALLY not do anything else, and call people paranoid schizos when they try to suggest security

        • IAMgROOT@lemmy.wtf (OP)
          1 upvote, 2 downvotes · 15 hours ago

          1. completely hardened browser
          2. vpn (no corpo ones please)
          3. secure services instead of corpo ones
          • towerful@programming.dev
            5 upvotes · 15 hours ago

            Yeh, for 99% of casual internet users… they just aren’t going to care about that.
            They don’t want their email/Facebook/bank account pwnd.
            Like, at all.

            It’s like saying that 0.01% of traffic fatalities are because an airbag forces your head into the roof of the car. So you should wear a helmet when driving.

            You aren’t wrong.
            Internet is a massive part of our daily lives. We should be able to fully trust the things we use to interact with it.
            But convenience is going to win

      • chunes@lemmy.world
        1 upvote · 14 hours ago

        Hey I’m like that. Honestly it’s just annoying. Your service isn’t a bank, it doesn’t need to be locked down like one.

  • czl@lemmy.dbzer0.com
    16 upvotes · 16 hours ago

    For a guy with bad passwords and worse understanding of their storage, this post sure has a lot of emotions.

  • localghost@lemmy.today
    6 upvotes · 14 hours ago

    “use a strong password” whats that gonna do if the database gets pwned, sandra? or if you get pwned by a 0click 0day

    Is that the metric you’re using for what to do? If it can’t stand up to a 0click 0day you don’t do it? Might as well not set up an account or use any services then.

    Like most things, it’s defense in depth. Use a strong password to make it harder to crack. Don’t use the same password on more than one site so if they do crack it your blast radius is still small (this also applies to the database getting popped.)

    Use MFA so even if they do get your credentials there’s another barrier. Use an app based one like Aegis and avoid SMS and email if you can (though these can be better than nothing.)

    Your goal should be to not be the low hanging fruit, not necessarily to be impenetrable especially when you don’t control every piece of the tech stack. A strong password is just one part of that process.

  • printf("%s", name);@piefed.blahaj.zone
    7 upvotes · 16 hours ago

    “use a strong password” whats that gonna do if the database gets pwned, sandra?

    What database? And how is it pwned? And less importantly, who the hell is Sandra 😂

    If you have chosen a, for lack of a better term, password database provider that stores passwords in plain text, which by the way is the only scenario in which pwning such a database would be viable, then that’s on you. Otherwise, trying to pwn a database that stores passwords in hashed formats following a secure hashing algorithm is not viable unless you are a nation state level actor with an unlimited amount of 5090s. Even then, if such an actor targets you, you are not likely to have subscribed to an online database anyway.

    The same applies for the scenario where you store your passwords locally: are they in plain text? Then thank the attacker for teaching you a lesson.* If they are hashed - or even better, since they are saved on your system, encrypted - then good luck brute forcing them.

    *I do not condone this behavior

    Edit: I miss the 2000’s because connecting with people face to face was a thing. Because of my mental illness, I’m not capable of dating online. Our cultural (d)evolution has taken that from me. Also, Pokémon was still good instead of brain dead children’s slop.

    • IAMgROOT@lemmy.wtf (OP)
      1 upvote · 15 hours ago

      everything will eventually get pwned, its just a matter of time. and there is always human error. oops, dave gave root access to his system to claude because he didnt wanna have to wait 2 more minutes to stuff his face with donuts in the break room. we social engineered the website chatbot into allowing us to gain access of accounts that arent ours, with a proxy and a few nice words.

      • Onomatopoeia@lemmy.cafe
        2 upvotes · 15 hours ago

        But someone getting a well-encrypted database is going to have a helluva time decrypting it.

        Which is why we say use good encryption.

    • IAMgROOT@lemmy.wtf (OP)
      2 upvotes, 2 downvotes · 15 hours ago

      the “brain dead childrens slop” is quite literally a few children that are getting brainrotted, the kids are fine

      and im really sorry you have to go through that

      • printf("%s", name);@piefed.blahaj.zone
        3 upvotes · 15 hours ago

        It’s only fair to be specific: in the earlier games, you had to be strategic. If you taught a TM, you used it up. If you taught an HM, it couldn’t be unlearned. And while the backend of the leveling and stats system was broken, at least there weren’t any obvious methods to “cheat” that weren’t straight out bugs. I remember the first time I played Omega Ruby and I started to discover all this. And when I realized there was an island on which I could simply hold the joystick in one place to endlessly walk/bicycle and hatch eggs, I just quit Pokémon and never looked back. Occasionally, I do pick up my Fire Red and Soul Silver, the two last great games, if you ask me, but that’s all.

  • HubertManne@piefed.social
    2 upvotes · 12 hours ago

    most things were sucking in the aughts but tech was still decent. that pretty much ended in the teens. you should use a strong password. You’re like, don’t lock your door because how is that going to help you when someone breaks a window.

  • slazer2au@lemmy.world
    6 upvotes · 16 hours ago

    Because Pokemon was king, Social Media was MySpace, crazy frog ringtones were everywhere and 444 55566688833 99966688 meant something.

  • radiofreebc@lemmy.world
    3 upvotes, 2 downvotes · 16 hours ago

    The early 2000s sucked. Bush, 9/11, Iraq, dj’s taking over for live music. The only people nostalgic for those times weren’t around before them.