Tech News and Miscellany

TIL "oopsie-doopsie" is a technical term.


--Patrick
 

--Patrick
Steve's response to the "response"... :popcorn:
 
Sooo...looks like imgur got bought.

No idea what this is going to mean for its content. Or anything else that's ever been posted on their site.
Dare I hope that the plug-in starts working better?

--Patrick
 
Imgur allows NSFW content to be posted and I don't want that to change now that they've been acquired by a big media company.
 
Imgur allows NSFW content to be posted and I don't want that to change now that they've been acquired by a big media company.
Every other image hosting service has managed to publicly slit their own throat in pursuit of "growth" *cough*Photobucket*cough*. Imgur's time will come soon enough.
 

GasBandit

Staff member
Imgur allows NSFW content to be posted and I don't want that to change now that they've been acquired by a big media company.
They "allow" it but have been cracking down on it more and more over the last couple years ever since they realized they like advertiser money.

Remember when Imgur was just a pet project to make it easier to post pictures on reddit, and not a BUSINESS?

It's the same cycle as always. Bout time for the new homegrown solution to pop up, I think.

 
So, apparently Facebook isn't just experiencing the usual "downtime."

Also awfully convenient this happened right after last night's 60 Minutes expose with a whisteblower who used to work at Facebook.

 

GasBandit

Staff member
I already had 2FA enabled on my account, but I changed my password anyway, and recommend any of the rest of you with accounts do the same.
 
Aww, I liked my password there.

Welp, at this rate it won’t be long before we start seeing HIPAA-style laws enacted regarding sites that demand you give them PIA…right?

—Patrick
 
The lastpass browser plugin also has a flyout control panel that lets you generate these passwords on the fly, and save/autofill them.
Yup, 1password (or at least my old non-SAAS version) does something similar. I click the plug-in icon and choose generate password, and the pop-up window I shared shows up. If I "hit" ok, it'll autofill and choose to save.

Quite a while back, 1password switched to software as a service, where you pay a monthly fee, and so I can no longer really recommend them. Because fuck that. I store the password master file encrypted on my own dropbox. I don't need to reduce my security by having them store my passwords on their servers and pay them monthly for the privilege.
 
If your password isn't 15+ characters of upper/lower/numeric/special, and unique to that site, you are doing it wrong.
It was (only) 12 of mixed-case + numeric and unique to that site. All my passwords are unique.
Also, I have never repeated my work password even once over 14 years, and I have to change it at least every 90 days, sometimes sooner. I don’t even reuse parts (e.g., passwordJan, passwordFeb, etc). Do not quote the deep magics to me, etc.

…though yes, as often as this seems to be happening lately, it’s probably time to revise the methods I use to generate my passwords going forward. Sigh. It was a good 20+ yr run, I suppose.

—Patrick
 
Last edited:
The biggest problem I have with my auto-generated passwords is piss poor programming on some sites. I've had sites fail to accept passwords if they start with stuff like a curley brace. That's not a big deal. Generate another password. But I've had some sites totally accept a password when creating an account, but then not save it correctly in the site's database due to some unknown special character. So, later, when you try to log in, you can't.
 
Last edited:
I know it's old fashioned, but I still stick to one "main" password part, with some special symbols but easy to remember, and with some variation determined by the site's address added on to it.
Every site is unique, the whole password is usually 10 symbols, and they're not stored anywhere. Unlike with a password manager, I can log in from anywhere I care to without compromising my total security, just remember them all by heart, and not worry about a data breach or targeted attack by someone on a central server.
I mean, yes, someone specifically trying to get into my accounts probably can (except for the ones with money tied to them), but I doubt anyone is going to bother trying to hack my log in for the local newspaper.
 

GasBandit

Staff member
I know it's old fashioned, but I still stick to one "main" password part, with some special symbols but easy to remember, and with some variation determined by the site's address added on to it.
Every site is unique, the whole password is usually 10 symbols, and they're not stored anywhere. Unlike with a password manager, I can log in from anywhere I care to without compromising my total security, just remember them all by heart, and not worry about a data breach or targeted attack by someone on a central server.
I mean, yes, someone specifically trying to get into my accounts probably can (except for the ones with money tied to them), but I doubt anyone is going to bother trying to hack my log in for the local newspaper.
I have 239 logins in my lastpass vault. There is absolutely no way I would remember that many variations on a single password theme, especially as often as there are breaches and passwords need to be changed.

I mean, if what you have works for you, then great... but for me, I've got a ridiculous number of websites I need to log into, and I want them all to have unique passwords.
 
I have 239 logins in my lastpass vault. There is absolutely no way I would remember that many variations on a single password theme, especially as often as there are breaches and passwords need to be changed.

I mean, if what you have works for you, then great... but for me, I've got a ridiculous number of websites I need to log into, and I want them all to have unique passwords.
I'm pretty sure I have a bit less, but still easily over a hundred. Com1A2bc3456?!orumshalf, Co.uk1A2bc3456?!dianguar, etc are perfectly fine easy to remember passwords for individual sites :p it does become a bit more problematic when sites need regular changing, but honestly, that mostly applies to work stuff (for which I use another system anyway, ever since I found out the admins at my previous place of employment could enter my mails without my knowledge), and rare important stuff like my bank, for which I use fingerprint ID. Yeah, it works for me, it's not perfect, I'm aware
And obviously, that's not actually the random bit of placement I use for my passwords.
 
I, like Bubble, have a "standard" password that I'll morph as necessary based on a site's password rules. I mainly use it for relatively unimportant sites though, like Reddit, HF, etc.

For my more important passwords, the ones that could have financial consequences, such as email, banking, Steam, etc., I created more complicated passwords, which I then wrote down on a piece of paper and hid in my drawer at home.
 
I trust Tom Scott, so I went with Dashlane. Spent the better part of a week changing all my duplicated passwords to what are essentially facerolls behind one main login to the Dashlane vault.
 
I currently use BitWarden for password management, but I don't keep all of my passwords in there - I also have a KeePass database for my work passwords.

I used to use LastPass until LogMeIn bought them 6 years ago and the final straw was when they killed off XMarks. I loved the feature of having all my bookmarks in one spot but have profiles for what I wanted to sync (work/home/etc)

For bookmark sync, I've gone with EverSync - doesn't have profiles, but it at least syncs across browsers with not a lot of headaches... I get enough of those from my day job.
 
Top