I mean, pretending to be someone in another instance, “stealing” the username, is trivial. I see the more likely targets being instance admins or high profile users. Should we worry somewhat about this?

  • Vlyn@lemmy.ml
    link
    fedilink
    English
    arrow-up
    7
    arrow-down
    1
    ·
    1 year ago

    So try having at least 3 different passwords for personal accounts/websites

    That’s an awful take. Grab a password manager and have a random password for every single account of yours. That way all you have to do is remember a single strong password and that’s it. Instead of playing Russian roulette when one service you use gets hacked and someone gets a hold of your username / email and one of your 3 different passwords…