Dear Stranger readers,
2020 is finally behind us, but our recovery is just beginning. Reader support has ensured that our dedicated and tenacious team of journalists can continue to bring you important updates as only The Stranger can. Now we're imploring you to help us survive another year. Ensure that we're here to ring in our upcoming 30th anniversary by making a one-time or recurring contribution today.
We're so grateful for your support. Thank you.
Comments are closed.
Commenting on this item is available only to members of the site. You can sign in here or create an account here.
Sign up for the latest news and to win free tickets to events
Buy tickets to events around Seattle
Comprehensive calendar of Seattle events
The easiest way to find Seattle's best events
All contents © Index Newspapers LLC
800 Maynard Ave S, Suite 200, Seattle, WA 98134
Comments
Though I guess at that point you're already pretty screwed...
This is the one time where having bad customer service is a plus. It was the stellar customer service that both Apple and Amazon give that made it possible to social engineer an exploit. Just try contacting Google, speaking to a person, and getting them to reset a password in this way. It's unlikely to happen. I don't even know how to get a person at Google, and I use their services for almost everything. The lesson to learn is that the person is the weak link more often than the computer.
2. Xkcd on good password strength.
3. Never NEVER NEVER use the same passwords for: Email, Facebook, Banking, & Work. Also, write them down and keep that paper in a safe location at home.
I personally use Steganos 'LockNote' as my account/password keeper file.
I write down my passwords down on paper. That's my password manager.
What really worries me, what really keeps me up at night, is the thought of someone breaking into my Slog account. Forget my bank account and medical records. This is what really matters!
Still this whole thing shows that the strength of your password is only 1 piece of the puzzle, and only protects against guessing and brute-force. There are other ways to be compromised.
So it doesn't matter if you have complicated passwords, or even password managers, just have to keep calling Apple Support and find a gullible/new rep.
Only problem was they were compromised a year ago or so, but they have implemented 2 step authentication several different ways since then. I use the Google Authenticator app on my iPhone. You can also use a USB Key or a printed out grid of numbers (kinda old school WWII style but it works if you don't have a smartphone).
You're right - random passwords would be more secure than the first technique, though near impossible to remember.
Mat is not the only guy whose kids will have no baby pictures of themselves because of a catastrophic failure, coupled with a non-existent backup strategy. Most will be simple HD failures, and could have been easily recovered with a $100 USB drive and a very modest amount of effort.
Backups - Just Do It.