🐿️Pinecone Attack

c/cybersecurity-tips

20

barnes.jamie•4h ago

Can we talk about how my old password manager just failed me out of nowhere

Last Tuesday I went to log into my bank and my password manager crashed, leaving me locked out with no way to retrieve any of my 200+ passwords. Had to spend 3 hours on the phone with customer support resetting everything manually - does anyone still trust cloud based password managers after something like this?

6

mary836•14d ago

A coworker told me to stop using password managers because they're a security risk

He said they get hacked all the time, but after I looked it up, I found out that's basically a myth and the real risk is reusing passwords everywhere. Has anyone else had to argue with someone about this at work?

27

hayden_rodriguez•15d ago

Wasted $80 on a VPN that barely worked on my home network

I bought a year of SuperSecure VPN last month because they had a flashy ad about blocking trackers. It slowed my speed down to like 5 Mbps and kept disconnecting my Xbox mid-game. Customer support just sent me generic copy-paste replies and dodged my refund requests. Has anyone else gotten burned by those hyped up VPN services?

11

karen275•16d ago

Why I stopped using password managers after a close call last month

I had all my logins in one app for 3 years, then a phishing email tricked me into giving up the master password and I lost access to everything for 2 days. Turns out the backup codes I saved were for an old phone I no longer have. Should I stick with memory-based passwords only, or is there a safer way to keep using a manager?

29

tarak17•16d ago

Spent $60 on a password manager after getting locked out of my bank account

Last month I tried to log into my bank to pay rent and realized I forgot the password. I went through the reset process but my recovery email was an old Yahoo account I also couldn't get into. Took me 3 days and two phone calls to prove I was me. Finally caved and paid $60 for a year of Bitwarden. Has anyone else had a close call like this with account recovery?

12

barnes.jamie•17d ago

Last Tuesday I woke up to a $1,200 fraud charge from a pet store in a state I've never visited

Turns out my old Netflix password was the same one I used for everything and some dude in Ohio bought twelve bags of premium cat food with my card - has anyone else had a random charge completely unrelated to their life show up on their statement?

25

parker_foster53•18d ago

Debate: Password Manager vs Memory - which is actually safer?

I've been using a password manager for 6 months now after my brother got hacked. But I still got friends who swear by memorizing 3 complex passwords and reusing them. They say one database breach and you're completely screwed. I get their point but I've got 40+ different logins now. What do you all think - is a password manager really the safer bet?

13

lily574•18d ago

I used to think password managers were overkill until I saw my coworker's setup

Was grabbing coffee with a buddy who does IT security and he showed me his password manager. 47 accounts, all random 16 character passwords. I've been using the same 3 passwords for everything for like 5 years now. He said one of those big data breaches probably has my info already. Still feels weird trusting all my logins to one app. Anyone else make the switch and does it actually save time or just add headaches?

19

eva_lewis•19d ago

Unpopular opinion: "change your password every 30 days" is the worst advice I ever got

My old IT guy at a small marketing firm in Austin swore by forcing password resets every month. I followed his rule for 2 years and ended up using "Austin2022!" then "Austin2023!" then "Austin2024!" because I couldn't remember 24 different passwords. Then I read that NIST actually came out and said frequent changes make people pick weaker passwords. Has anyone else had a boss or IT person give them security advice that was actually making things worse?

25

seanperry•21d ago

6 months ago I ignored MFA warnings and got my email account hijacked. Now every login feels like a tiny victory.

I used to think multi-factor authentication was just an annoying extra step. Then one morning last winter I woke up to 50 password reset emails from sites I didn't even remember signing up for. Someone had gotten into my email through an old data breach. It took me three days to untangle everything and I still lost access to a forum I used for years. Now I have authenticator apps on everything and the five extra seconds it takes to approve a login notification feels like a win. Has anyone else had that moment where you realize the thing you were avoiding actually saved you?

12

seana14•24d ago

The biggest mistake I see people make with 2FA backup codes

Kept seeing posts in a sysadmin group about people getting locked out of their accounts after switching phones. They saved the backup codes in a note app or even a screenshot. That whole setup is useless if someone steals the phone or you lose it. I store mine in a separate encrypted USB drive in a fireproof safe at home. Has anyone else had to bail a coworker out of a 2FA lockout situation?

15

taylor.betty•25d ago

Hit password 5,000 on my breach alert list this week

I use a service that scans my email for data breaches. For years it sat around 200 or so from old accounts. This week it crossed 5,000. That number got my attention. Turns out most of the new ones come from sites I signed up for once years ago and forgot about. Things like a random forum for a hobby I dropped or a newsletter I read for a month. I spent an afternoon deleting old accounts and changing passwords on anything still active. The weird part is I never got hacked or anything but that big number makes me feel like I'm just lucky more than careful. Anyone else see a big jump in their breach count recently?

-1

jones.grace•26d ago

Starbucks wifi got me thinking about public network risks

I was at a Starbucks in Tampa last weekend revising my resume and realized I had no idea if anyone could see what I was doing. Started looking into VPNs after that and now I never use free wifi without one. How do you guys handle public networks?

16

spencer_wood•1mo ago

Overheard a guy at the coffee shop talking about how his "secure" password was his dog's name plus the year

Like, I get it, easy to remember. But then he said he uses that for everything. Banking, email, Netflix. He even laughed about it. Made me think how many people probably do the exact same thing, thinking they're safe because they tack on a number at the end. Has anyone else run into folks who think that's good enough?

7

max808•1mo ago

I used the same password for 10 years until my bank called me

Last month my bank flagged a login attempt from Nigeria at 3 AM. I had been using 'fluffycat2005' for everything - email, Netflix, even my work VPN. Has anyone else had that wake up call where you realize how lazy you've been with passwords?

5

barnes.morgan•1mo ago

My school's IT guy gave me a choice: a 12-character password I could remember or a 30-character one I'd have to write down.

This was for our new gradebook system. I picked the long one, wrote it on a sticky note, and stuck it under my keyboard. A student saw it during a study hall and asked if that was my 'secret code'. I felt like a total idiot. Anyone have a better system for dealing with crazy long required passwords?

8

elliots49•1mo ago

My smart fridge in Seattle tried to email a Nigerian prince from my work account last Tuesday.

I was making coffee when my phone buzzed with a login alert from Lagos, and after a panicked hour of password resets, I traced it back to a default admin password on my new internet-connected appliance. Has anyone else had a random device on their home network go rogue?

1

fionarodriguez•1mo ago

My cousin in Miami asked me to 'hack' his ex's Instagram for him

I told him that's a felony and explained password managers instead. Anyone else get wild requests from family after they find out what you do?

21

tyler368•1mo ago

Dropped $60 on a password manager and it finally clicked for me

I kept using the same weak password everywhere until my sister's email got hacked. The manager auto-generates and stores everything, so I don't have to remember a thing. Anyone have a good method for convincing family to make the switch?

18

lucas165•1mo ago

I keep seeing people post their work laptop on social media without blurring the screen

Last month, a coworker in Phoenix shared a picture of his home office setup. His company laptop was open and you could clearly read a customer's email on the screen. I had to message him to take it down. That's a huge data leak waiting to happen, and it could get him fired. Has anyone else had to tell a friend to blur their screen in photos?

1

the_nathan•1mo ago

My boss told me to turn off Windows updates for better security, and I think he's wrong

At my old job in Austin, my manager insisted we disable automatic Windows updates on all our work computers. He said it stopped bad updates from breaking things. About six months later, a ransomware attack hit our network because we were missing a critical patch from months before. We had to pay a guy $500 to help clean it up, and we lost a day of work. Has anyone else had a boss push a security rule that actually made things less safe?

29

grayt46•1mo ago

Hot take: my cousin's kid in Phoenix got his Fortnite account cleaned out last week because he reused a password.

Three years ago I set up a password manager for my own stuff, but I never pushed it on family until I saw his mom's text saying he lost $150 worth of skins and now I'm telling everyone to stop using the same password for everything, even games.

23

janaf91•1mo ago

Question about a simple way to stop spam calls

I was getting 10 junk calls a day until I started answering and immediately putting the phone on mute. They hang up after 5 seconds of silence and my number gets flagged as dead, so the calls dropped by half in a week. Has anyone else found a quiet trick that actually works?

8

grayt46•1mo ago

Vent: My neighbor asked me to 'fix' his computer after he clicked a link in a text

This was about three months ago. He came over, laptop in hand, saying his screen was full of pop-ups. I asked what he did. He said he got a text from 'FedEx' about a package, clicked the link, and entered his address to 'check the status'. I told him that link was a scam, a classic phishing attempt. He just shrugged and said 'It looked real, the text had a tracking number and everything.' I had to walk him through running a malware scan, changing every password, and calling his bank. The worst part? He still gets texts like that and just deletes them now. Doesn't block the number, doesn't report it, nothing. How do you get through to someone who thinks it's just a minor annoyance?

8

baker.phoenix•1mo ago

I finally fixed a weird router issue that took me two days to figure out

My home network kept dropping every few hours, and I was sure it was a bad cable or my ISP. I spent a whole day swapping cables and calling support. Turns out, the router's built-in firewall had a setting that was too strict and was killing long connections. Has anyone else run into something like this with their own gear?