From what I understand, they (hackers) try known email/password combinations at different sites because a lot of people reuse their passwords. I also find it unlikely that anyone trying hack accounts will spend any amount of time looking at individual passwords if their list is 1000+ (and we know there are leaks in the milions).
I agree that they are reasonably save unless they are targeted.
It is still probably one of the better ways to manage your passwords short of using a password manager. I don’t know any hackas but it feels like a lot of effort, finding patterns in a list of passwords. When you have found a pattern, you must also figure out what the pattern is.
On the other hand, it could be a viable way given that there are some huge leaks with a lot of data. Perhaps someone is selling datasets of hacked patterns, it could be another way to find someones paypal password.
uranibaba@lemmy.world 5 weeks ago
From what I understand, they (hackers) try known email/password combinations at different sites because a lot of people reuse their passwords. I also find it unlikely that anyone trying hack accounts will spend any amount of time looking at individual passwords if their list is 1000+ (and we know there are leaks in the milions).
I agree that they are reasonably save unless they are targeted.
hperrin@lemmy.ca 5 weeks ago
The problem is that it’s a common suffix among all of their passwords. That kind of thing is easy to search for in a password leak database.
uranibaba@lemmy.world 4 weeks ago
It is still probably one of the better ways to manage your passwords short of using a password manager. I don’t know any hackas but it feels like a lot of effort, finding patterns in a list of passwords. When you have found a pattern, you must also figure out what the pattern is.
On the other hand, it could be a viable way given that there are some huge leaks with a lot of data. Perhaps someone is selling datasets of hacked patterns, it could be another way to find someones paypal password.