Cloud: "My entire digital life was destroyed"

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

What are everyone thought on this: In the space of one hour, my entire digital life was destroyed.

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Not surprised and scary. I've phoned up companies before and forgot my security code and always went through some steps to verify myself - which are easy enough to obtain elsewhere (address, maiden name etc). Doesn't really feel you with confidence... the issue above has been fixed by Apple/Amazon though.

I always use two step authentication where possible with everything and use different passwords for each site (using LastPass) I feel secure enough... but in this case... no hacking was used! purely social engineering. The trouble is, the average user won't know how to use or setup two step authentication.

 

Thats nothing The Cloud took my digital virginity, and never called me back

 

I looked at using lastpass but doesn't it store all your passwords on a server somewhere?

 

Yes, you've a master password and you can use two step authentication (Google authenticator) so even if they were hacked, they still need your google information to allow access. I find that much more secure than either using the same passwords or having them written down somewhere! There's a risk, but so far I don't think they've been hacked...

All passwords are hashed/salted etc and LastPass would notify if there was a breach. I let LastPass generate my passwords, so they're completely random, meaning it would take a long time to crack and LastPass would've sent out emails by then.

 

I might sign up with them, I currently use my memory to remember but I think letting lasspast generate better passwords and the slight risk of them getting hacked is better then my memory as you can not make overly complicated passwords in you rmind!

Is there a way to store an offline copy of your passwords?

 

This may be of help - Offline Access to your LastPass Vault « LastPass User Manual

I pay a yearly subscription (you don't need to for the desktop version) and have this on my Android device along with xmarks (bookmark sync) not had a problem.

 

Cheers!! Will look in to it.

 

I did read about this and felt a bit bad for the guy, wouldn't be a nice situation to be in losing the personal data etc.

I've been a little wary of the current trend of sticking everything out there, I've held back on OSX upgrades as I'm not too keen on the direction it's going with all the iCloud integration with everything, it's something I need to look into more.

It does highlight that while using hosting/cloud for things can be beneficial you still need to have a contingency for if something happens to said service, plus the over cautious side of me also sees it as increasing the risk of an attack on my data by having it out there.

And I know that password managers that rely on hosting your database on their servers are probably safe there's just that little voice in my head that says no don't do it ;) I have 1Password but haven't got round to setting it up for all my accounts yet.

I trust myself to hold my data, others not so much ;)

 

You could always use an offline password safe such as KeePass (though I have the database saved on Dropbox for backups and use anywhere such as Android) - I use that for all other passwords. Just, It would be a pain to create a new entry every time within KeePass for every site, that's where LastPass is handy.

 

Just discussing this today in class.

If you don't hold it you don't own it.