% of members to lose $ due to this hac k?

[Maserschmidt]

bobot:

My prediction is 0% (+ or - .0001%)

So wait, wait, the negative part of that confidence interval…is there a chance someone might credit my account?

[ZipperJJ]

GuanoLad:

Remembering 70 different passwords that have to be changed every time some moron hacks into a site is completely impractical for most people.

Uh, no, that’s why you use 70 unique passwords. So you DON’T have to do that. If your SDMB login gets stolen then you don’t have to worry about changing any others because all the others are unique.

If you use the same pass for 70 sites and one of them gets hacked THEN you have to go change the passwords for 70 sites.

[gotpasswords]

ColdPhoenix:

You appear suspiciously knowledgeable about this subject… :screwy:

If I don’t know about passwords, who would?

[Senegoid]

Antigen:

I keep mine in a little book in my desk at home. I figure if someone’s breaking into my house, they’re going to take my stuff, not sit at my computer and try to get into my bank account. It’s the onine bad guys who are trying to get at my passwords, and they can’t see into my book. So I use different, secure passwords everywhere, and refer to my book when I need to.

Ditto this. My password manager is a physical manila folder containing a separate sheet of paper for each of my on-line accounts, with login name, password, security questions, and some other notes I might find pertinent. The folder is stored in the midst of a bunch of other folders with other unrelated stuff, and not in the immediate vicinity of my computer. Like Antigen, I’m not terribly concerned about anyone gaining physical access to that folder.

No way I’m going to memorize all those names and passwords, and I have far fewer than 70 of them!

[bobot]

Maserschmidt:

So wait, wait, the negative part of that confidence interval…is there a chance someone might credit my account?

Oops. I was hoping no one would notice that…
So, yes, my prediction is that .0001% of
Dopers will make money on this deal!
:D:smack:

[Canadjun]

bobot:

Oops. I was hoping no one would notice that…
So, yes, my prediction is that .0001% of
Dopers will make money on this deal!
:D:smack:

OMG! I’d better quick put my password back the way it was so I can be one of those .0001%!!

[GuanoLad]

Canadjun:

If you don’t want to use a password manager, then at least make sure anything requiring high security (e.g. bank account ids and passwords) bears no relation to anything requiring low security (e.g. SDMB). I can assure you that even before this current incident if you got my SDMB password it would only help you get on to a couple of other sites that I consider very unimportant, and to even do that you would have to find those other sites.

That’s certainly what I do, but I’ve been online for 20 years, and have managed to navigate my way into fairly well-reasoned behaviour. 90% of the rest of the world have never heard of password managers and can’t even manage to recall their sister’s birthday, let alone three or more different passwords made up of random characters.

We need a better system; either more reliable security, or an education campaign for the average user. Preferably both.

[Mean_Mr.Mustard]

Antigen:

I keep mine in a little book in my desk at home.

Which drawer? (just curious)
mmm

[amarone]

Antigen:

I keep mine in a little book in my desk at home. I figure if someone’s breaking into my house, they’re going to take my stuff, not sit at my computer and try to get into my bank account. It’s the onine bad guys who are trying to get at my passwords, and they can’t see into my book. So I use different, secure passwords everywhere, and refer to my book when I need to.

I have an electronic version - a password-protected spreadsheet that contains all the others. It contains over 200 now. I do use duplicates, according to the level of importance. So if anyone has got my SDMB user/password combo, they will be able to get into other sites - but only similarly trivial ones with no risk of financial consequence.