The difference is...

Story: WineHQ database compromise - One More Linux Project FailTotal Replies: 9
Author Content

Oct 13, 2011
9:00 AM EDT
The difference is that on a Linux system, hacking into it requires a conscious effort to attack that system. Plus, it's usually discovered quickly. On Windoze, it's likely to catch a case of malware in normal day-to-day operations. I'm glad they caught this intrusion quickly, & I'm glad I don't use Wine much (drink wine, yes,... run Wine on my systems, no...).

Oct 13, 2011
12:33 PM EDT
I use Wine a lot and I had the same password on there as my Amazon account.

Not any more though.

Oct 13, 2011
3:48 PM EDT
And unlike other companies might do, they notified the users fairly quickly. Also, the title of this article really bugs me. A database compromise is NOT a "project fail", it's a hosting security fail.

Oct 14, 2011
12:59 AM EDT
All my passwords are different on different sites. I also generate them with mkpasswd on Slackware so they are pretty strong. However I don't change them often enough, there are too many for that.

Oct 14, 2011
12:50 PM EDT
@moopst: What do you do when you want to visit these sites from different computers? For instance, I have a primary desktop PC, and also a work laptop. I normally use the desktop, but occasionally I'll use the laptop if I take a trip somewhere.

Oct 14, 2011
5:23 PM EDT
@Grishnakh, good memory.

Oct 14, 2011
6:15 PM EDT
@Grishnakh - dropbox in an encrypted container.

Oct 14, 2011
6:24 PM EDT
I have several of them in kwallet and some in a plain text file, but /home is on an encrypted partition. My work doesn't let me visit several sites so I just check the news. There are a couple financial sites where I keep the pw in my wallet on paper in case I need to get my money out of Europe before the banks crash.

Oct 15, 2011
4:58 AM EDT
You see, that's why I dislike password managers, in browsers or otherwise. They don't allow me to remember my passwords. So I turn them on only for passwords *I* already remember, if at all. The only problem is with sites I visit once a year, or so, but, well, resetting your password once a year is a good practice anyway ;)

Oct 15, 2011
5:15 PM EDT
I don't usually need to remember my passwords -- I just remember how I created then. (Mind you, this may take a while. A couple of months ago I needed my email password, and it took me half the day to remember how I came up with it in the first place. But once I had a place to start, I recalled the actual password in less than 30 seconds.)

Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]

Becoming a member of LXer is easy and free. Join Us!