Hacker News new | past | comments | ask | show | jobs | submit login

Just yesterday I received a notification from Facebook that my account had been accessed from a suspicious location and was locked as a security precaution. I had no idea how this could have happened, but I did have the same email address + password for Steam and Facebook. Hardly proof, but certainly a plausible theory.



http://keepass.info/ - It is easy to have unique, complex passwords for each and every service. And with Dropbox (or kin) you can sync to iPhone, Android, Mac, Linux or Windows. Plus plugins for browsers to make easier.


Thanks for the link to an open source app. I find it hard to believe people would trust proprietary apps to store their passwords.


Is there a Mac equivalent?


1Password, which also is a Windows and Android equivalent:

https://agilebits.com/onepassword


KeePassX works on OSX. https://www.keepassx.org/downloads

There's also others like 1Password that are popular on OSX.


I use 1Password in conjunction with Dropbox to keep my passwords secure and synced between OS X, Windows (XP and 7) and iOS. It's a fantastic product.


Lastpass stores your passwords centrally, and makes them available to any browser you use via a plugin/extension.


I use splashid. Not free but it works and they have an iPhone version. I also believe an older version of keepass was ported to Mac with the name KeePassX.

Edit: typo


Well, since Steam only stores the salted PW hashes, it doesn't seem like that would allow them to compromise your facebook account.


Salting a password doesn't make it uncrackable, it just makes it impervious to rainbow tables and other parallel attacks because it forces the attacker to recalculate the hash for every guess for every user account. You can certainly still run a mangled dictionary attack on a salted database, it will just take a lot longer.


It was hardly an uncrackable password :)

I hadn't really used either account in years, so I never got around to enhancing my passwords.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: