Quote:
Originally Posted by jamthe3
Yes, that's very true assuming that was what one thought at the time as to being the reason for having to change it at all. In the case of dormant accounts ripe for the picking, they might have only thought it was a normal upgrade of software or something. I don't know and am certainly not trying to pick a fight or make any kind of point, just pointing out what is apparent.
True enough. It's just somewhat amazing that people still use poor passwords in this day and age.
At the same time, I know that some people need to learn the hard way before changing the way they handle passwords. And I know from first hand experience - I used to use the same email/password combination at a lot of sites. The password was half decent, but I was using this combo at secure sites and less secure ones, and I suspect the latter was my problem - probably some little forum was hacked. Lost a few thousand on Click2Pay as a result but was extremely lucky in that they were able to recover the funds for me. Ever since then, every important site gets a unique and
very secure password (usually 20+ characters including letters, numbers, special characters) which I store in Keepass (which is free).
This happened to me 4-5 years ago when I was a little more naive and this kind of thing was much less common, so I like to think I would have made the change by now even if the C2P incident hadn't happened, but I can't say for sure. Laziness and procrastination has quite a bit of inertia.
Moral of the story: Those of you still using sloppy password practices, get it together! It really isn't that hard once you get started.