A reason why every site should move past passwords: Kiwi Farms hack.

submitted by [deleted] from self.technology

sorted by:
top
newinsightfulfun
you are viewing a single comment's thread.

view the rest of the comments →

[–][deleted] 3 insightful - 3 fun3 insightful - 2 fun4 insightful - 3 fun -  (4 children)

Maybe use an old school dongle as a second factor. Some providers allow using more than one phone number as a second factor.

When I can, I only use passwords with 24 characters length. I watched a terrifying lecture on quantum computing last year and according to it, this kind of risks are only to mitigate by increasing password length. (We'll never really know what kind of computing power is at somebodies command in some secret lab, sadly.)

Otherwise, from a user's perspective, I try to spread my risk by using different E Mail from different providers.

[–][deleted]  (3 children)

[deleted]

    [–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (2 children)

    I'd prefer not to, too.

    But in EU this is mandatory for online-banking e.g.

    [–]iamonlyoneman 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (1 child)

    Online banking is stupid.

    [–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

    I know. But since i got to manage accounts that are kept in Lithuana, i'm sometimes out of options regarding this.