1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cloud: "My entire digital life was destroyed"

Discussion in 'The Lounge - Off Topic' started by SimonV, Aug 15, 2012.

  1. SimonV

    SimonV Petabyte Poster Administrator

    6,616
    149
    228
    What are everyone thought on this: In the space of one hour, my entire digital life was destroyed.
     
    Certifications: MOS Master 2003, CompTIA A+, MCSA:M, MCSE
    WIP: Keeping CF Alive...
  2. csx

    csx Megabyte Poster

    511
    6
    81
    Not surprised and scary. I've phoned up companies before and forgot my security code and always went through some steps to verify myself - which are easy enough to obtain elsewhere (address, maiden name etc). Doesn't really feel you with confidence... the issue above has been fixed by Apple/Amazon though.

    I always use two step authentication where possible with everything and use different passwords for each site (using LastPass) I feel secure enough... but in this case... no hacking was used! purely social engineering. The trouble is, the average user won't know how to use or setup two step authentication.
     
    Last edited: Aug 15, 2012
    Certifications: A+, Network+, 70-271 & 70-272, CCENT, VCP5-DCV and CCNA
    WIP: Citrix
  3. dmarsh

    dmarsh Terabyte Poster

    3,782
    302
    184
    Thats nothing The Cloud took my digital virginity, and never called me back :oops:
     
    Certifications: CITP, BSc, HND, SCJP, SCJD, SCWCD, SCBCD, SCEA, N+, Sec+, Proj+, Server+, Linux+, MCTS, MCPD, MCSA, MCITP, CCDH
  4. Rob1234

    Rob1234 Megabyte Poster

    783
    24
    69
    I looked at using lastpass but doesn't it store all your passwords on a server somewhere?
     
    Certifications: A few.
  5. csx

    csx Megabyte Poster

    511
    6
    81
    Yes, you've a master password and you can use two step authentication (Google authenticator) so even if they were hacked, they still need your google information to allow access. I find that much more secure than either using the same passwords or having them written down somewhere! There's a risk, but so far I don't think they've been hacked...

    All passwords are hashed/salted etc and LastPass would notify if there was a breach. I let LastPass generate my passwords, so they're completely random, meaning it would take a long time to crack and LastPass would've sent out emails by then.
     
    Last edited: Aug 15, 2012
    Certifications: A+, Network+, 70-271 & 70-272, CCENT, VCP5-DCV and CCNA
    WIP: Citrix
  6. Rob1234

    Rob1234 Megabyte Poster

    783
    24
    69
    I might sign up with them, I currently use my memory to remember but I think letting lasspast generate better passwords and the slight risk of them getting hacked is better then my memory as you can not make overly complicated passwords in you rmind!

    Is there a way to store an offline copy of your passwords?
     
    Certifications: A few.
  7. csx

    csx Megabyte Poster

    511
    6
    81
    This may be of help - Offline Access to your LastPass Vault « LastPass User Manual

    I pay a yearly subscription (you don't need to for the desktop version) and have this on my Android device along with xmarks (bookmark sync) not had a problem.
     
    Certifications: A+, Network+, 70-271 & 70-272, CCENT, VCP5-DCV and CCNA
    WIP: Citrix
  8. Rob1234

    Rob1234 Megabyte Poster

    783
    24
    69
    Cheers!! Will look in to it.
     
    Certifications: A few.
  9. Monkeychops

    Monkeychops Kilobyte Poster

    286
    15
    25
    I did read about this and felt a bit bad for the guy, wouldn't be a nice situation to be in losing the personal data etc.

    I've been a little wary of the current trend of sticking everything out there, I've held back on OSX upgrades as I'm not too keen on the direction it's going with all the iCloud integration with everything, it's something I need to look into more.

    It does highlight that while using hosting/cloud for things can be beneficial you still need to have a contingency for if something happens to said service, plus the over cautious side of me also sees it as increasing the risk of an attack on my data by having it out there.

    And I know that password managers that rely on hosting your database on their servers are probably safe there's just that little voice in my head that says no don't do it ;) I have 1Password but haven't got round to setting it up for all my accounts yet.

    I trust myself to hold my data, others not so much ;)
     
  10. csx

    csx Megabyte Poster

    511
    6
    81
    You could always use an offline password safe such as KeePass (though I have the database saved on Dropbox for backups and use anywhere such as Android) - I use that for all other passwords. Just, It would be a pain to create a new entry every time within KeePass for every site, that's where LastPass is handy.
     
    Certifications: A+, Network+, 70-271 & 70-272, CCENT, VCP5-DCV and CCNA
    WIP: Citrix
  11. cisco lab rat

    cisco lab rat Megabyte Poster

    660
    62
    116
    Just discussing this today in class.

    If you don't hold it you don't own it.
     
    Certifications: Yes I pretty much am!!
    WIP: Fizzicks Degree

Share This Page

Loading...