Futuristic Robert [KJ5ELX]

7 months ago

Futuristic Robert [KJ5ELX]
7 months ago

So, Cloudflare analyzed passwords people are using to log in to sites they protect and discovered lots of re-use.

Let me put the important words in uppercase.

So, CLOUDFLARE ANALYZED PASSWORDS PEOPLE ARE USING to LOG IN to sites THEY PROTECT and DISCOVERED lots of re-use.

[Edit with H/T: benjojo.co.uk/u/benjojo/h/cR4d…]

blog.cloudflare.com/password-r…

#cloudflare #password #cybersecurity

Password reuse is rampant: nearly half of observed user logins are compromised

Nearly half of observed login attempts across websites protected by Cloudflare involved leaked credentials. The pervasive issue of password reuse is enabling automated bot attacks and account takeovers on a massive scale.

^{The Cloudflare Blog}

This entry was edited (7 months ago)

reshared this

Unknown parent

Thunderbird: Free Your Inbox

Unknown parent 7 months ago

@RaymondPierreL3 We welcome any and all recommendations! They are all good, and thanks for using us (and telling your fediverse friends.) 😊 🙌

@RaymondPierreL3

Unknown parent

skaphle

Unknown parent 7 months ago

@EndlessMason @ErikvanStraten @malanalysis Cory Doctorow @pluralistic argued that hiding your email address from spambots is futile anyway so he doesn't worry when he publishes it regularly: theguardian.com/technology/201…

He needs a good spam filter technique though. Afaik he is still using the same email address.

Keeping an email address secret won't hide it from spambots

The spam wars aren't going away soon but treating public email addresses as secret is of no benefit

^{Cory Doctorow (The Guardian)}

@Cory Doctorow @Vern McCandlish @EndlessMason

in reply to skaphle

RaymondPierreL3

in reply to skaphle 7 months ago

@skaphle @EndlessMason @ErikvanStraten @malanalysis @pluralistic

A good promo for #Thunderbird , it’s a very good email client. I use it as well (not that my use is any recommendation whatsoever next to Cory’s :)

#thunderbird @Cory Doctorow @skaphle @Vern McCandlish @EndlessMason

Unknown parent

EndlessMason

Unknown parent 7 months ago

@ErikvanStraten

If your adblock is good enough you always see the captchas, so you always know when a thing is cloud flair.

Also, who's not doing single use email addresses? Every site is a sea of spammy notification/cart abandonment/special offer/watch list/privacy policy update/m&a mail... And thats before they get pwned or sell your details.

Who wants all that in one mail box?

I already get a bitcoin scam call every 2 weeks because i enabled sms 2fa one place and scammers got hold of the number. At this point they know i know and they know i know that, but the guys on the phone have a call/hour quota and they gotta pay rent i guess...

@0xF21D @malanalysis

@Vern McCandlish @Futuristic Robert [KJ5ELX]

in reply to Futuristic Robert [KJ5ELX]

Vern McCandlish

in reply to Futuristic Robert [KJ5ELX] 7 months ago

@0xF21D

@Futuristic Robert [KJ5ELX]

in reply to Vern McCandlish

Futuristic Robert [KJ5ELX]

in reply to Vern McCandlish 7 months ago

@malanalysis it makes sense since they function as a global reverse proxy and do MItM decryption of traffic for optimization purposes. But them calling it in such a way is creepy, and also now the cybersecurity community needs to rekon with something we technically knew was going on before but didn't consciously consider a threat, until now.

@Vern McCandlish

⇧

Futuristic Robert [KJ5ELX] 7 months ago • •

Futuristic Robert [KJ5ELX]
7 months ago