Well, this one is just rolling and rolling. Starting in the summer of 2018 some enterprising scammer decided that the vast number of password exposures can be used for a new purpose – directly blackmailing the account holders. These exposures quite often list both the email address and password for some service or other. Perhaps … Continue reading
The sad thing is, these aren’t in your control.
Everywhere you go looking at online security you’ll see discussion on passwords. What should a password be? How long? Allow any obvious information derivatives? Forced complexity? Allow real words? Force expiry?