a thoughtful web.
Good ideas and conversation. No ads, no tracking.   Login or Take a Tour!
comment by ecib
ecib  ·  4348 days ago  ·  link  ·    ·  parent  ·  post: Hubski with ssl?

Yeah, I've been meaning to forever but just have not gotten around to it. Sounds like a task for the next time I find myself on my couch with some time to spare :)





ll  ·  4347 days ago  ·  link  ·  

Thing is, it really is convenient.

If you do not want to set that up, you can always have a password like ThisIsAPassword-Hubski for hubski, or ThisIsAPassword-Facebook, it is slightly safer, makes the password stronger, and it actually helps discover where a leak of passwords came from, as usually someone will dump the passwords on pastebin without a source, and passwords like that will help identify it.

ecib  ·  4347 days ago  ·  link  ·  

Ah, see, I always viewed the latter option as terribly unsafe. If one is compromised, then the attacker has access to a wide range of services as the function is obvious.

But thanks for reminding me to set up a pass manager :)

ll  ·  4346 days ago  ·  link  ·  

It is slightly more secure than using the exact same password everywhere, as when one site is compromised, the password can be put in a wordlist for brute forcing or hash cracking.

So instead of using ThisIsAPassword for every site, you have a slight variation but it is still extremely convenient to remember it.