How dangerous to use same username but different password?

PrintMule

hero member

Activity: 980

Merit: 500

FREE $50 BONUS - STAKE - [click signature]

Quote from: favdesu on July 04, 2013, 04:40:38 AM

Quote from: PrintMule on July 04, 2013, 04:35:24 AM

Quote from: favdesu on July 04, 2013, 04:28:58 AM

it's neither the username nor password that's the problem in most hacks. It's the user.

use anti-vir, a decent browser and common sense. that's more important than complex 16digit passwords and shit

My brother has played one pretty popular mmo 1-2 years ago, and their user account database was compromised (i'm thinking just sold) and went off to the internetz.

Next thing you know - he got his email and some accounts hacked too. That was a good lesson for him.

So you here you go.

if you use your paypal pass for games then see

Quote

common sense

if you use windows firewall on xp with java 5 then see

Quote

common sense

also it could've been not an email but any other associated service/account, so

Quote

complex 16digit passwords and shit

are as important as anything else

naphto

sr. member

Activity: 392

Merit: 250

Quote from: wolverine.ks on July 03, 2013, 08:47:24 PM

If I were to use the same username, or similar username on multiple sites, then use a password generator to create passwords with 200-300 bits of entropy, does anyone consider that to be not secure enough?

Should I be using completely different usernames for each site?

Depends if you use the same email address, and that email can recover all the passwords

favdesu

legendary

Activity: 1764

Merit: 1000

Quote from: PrintMule on July 04, 2013, 04:35:24 AM

Quote from: favdesu on July 04, 2013, 04:28:58 AM

it's neither the username nor password that's the problem in most hacks. It's the user.

use anti-vir, a decent browser and common sense. that's more important than complex 16digit passwords and shit

My brother has played one pretty popular mmo 1-2 years ago, and their user account database was compromised (i'm thinking just sold) and went off to the internetz.

Next thing you know - he got his email and some accounts hacked too. That was a good lesson for him.

So you here you go.

if you use your paypal pass for games then see

Quote

common sense

PrintMule

hero member

Activity: 980

Merit: 500

FREE $50 BONUS - STAKE - [click signature]

Quote from: favdesu on July 04, 2013, 04:28:58 AM

it's neither the username nor password that's the problem in most hacks. It's the user.

use anti-vir, a decent browser and common sense. that's more important than complex 16digit passwords and shit

My brother has played one pretty popular mmo 1-2 years ago, and their user account database was compromised (i'm thinking just sold) and went off to the internetz.

Next thing you know - he got his email and some accounts hacked too. That was a good lesson for him.

So you here you go.

favdesu

legendary

Activity: 1764

Merit: 1000

it's neither the username nor password that's the problem in most hacks. It's the user.

use anti-vir, a decent browser and common sense. that's more important than complex 16digit passwords and shit

tkbx

sr. member

Activity: 350

Merit: 251

If you're only worried about getting hacked, then different passwords are all that matter. However, I learned the hard way that all the little pieces of info you reveal across dozens of sites can end up giving enough information to get your address if combined. Usin different usernames will deter this.

Lethn

legendary

Activity: 1540

Merit: 1000

It depends, usernames are displayed publicly so honestly if you use only one username it doesn't matter much, if however you don't want people to be able to easily trace you then you can use for sure and that will throw most people off track. I do this with usernames and email addresses as well, there are some places like on this forum that allow you to hide your email address but to be safe you can just make some random gmail accounts etc. when registering to sites, they all have those same privacy disclaimers but there are a lot of companies/corporations out there that have fuck all respect for your privacy. Sometimes just spreading your accounts etc. to different accounts will minimise the loss if they ever do get hacked and so on.

When you're connecting to the internet, even privately, treat it like international television, even if you don't think it anything you record, write or blink is being transmitted to everyone worldwide whether you like it or not, the problem is a lot of people don't realises it so then they get all bitchy when they get caught out by it for not knowing better.

zackclark70

legendary

Activity: 868

Merit: 1000

ADT developer

Quote from: wolverine.ks on July 03, 2013, 08:56:14 PM

Quote from: zackclark70 on July 03, 2013, 08:49:25 PM

I use zackclark70 on a lot of sites different passwords on all 99% of the time the email address is the weak link

what defense is there if an email account has already been compromised?
what would make compromising an email account not so devastating?

if an email is compromised you have to count everything connected to it as potentially compromised

I use a different email every time I need one with the same password as what that email account is used for

( if they brake the email account they could get into whatever I needed to email to register for anyway )

wolverine.ks

sr. member

Activity: 375

Merit: 250

Quote from: zackclark70 on July 03, 2013, 08:49:25 PM

I use zackclark70 on a lot of sites different passwords on all 99% of the time the email address is the weak link

what defense is there if an email account has already been compromised?
what would make compromising an email account not so devastating?

AliceWonder

full member

Activity: 168

Merit: 100

username is not a security measure.

There is no danger in using the same username on multiple sites, unless you don't want people to know it is the same person (obviously).

EDIT - and yes, different passwords is a good idea. It's amazing how many websites do not hash the password even now in 2013.

Good sites will use a salted hash including the username as part of the salt, but most sites just use a single salt and a few don't even do a basic hash.

zackclark70

legendary

Activity: 868

Merit: 1000

ADT developer

I use zackclark70 on a lot of sites different passwords on all 99% of the time the email address is the weak link

wolverine.ks

sr. member

Activity: 375

Merit: 250

If I were to use the same username, or similar username on multiple sites, then use a password generator to create passwords with 200-300 bits of entropy, does anyone consider that to be not secure enough?

Should I be using completely different usernames for each site?

Topic: How dangerous to use same username but different password? (Read 1895 times)