[LVB]

I'd like to know if Mr. Woo had two-step authentication turned on for his Google account. (He mentions only that they, "gained access to my Google account.") It's the potential for this sort of damage, or much worse, that prompted me to turn it on and incur the slight nuisance of generating new keys every 30 days.

Good article on the far-reaching calamity resulting from a hacked email account: http://www.theatlantic.com/magazine/archive/2011/11/hacked/8...

[drivebyacct2]

Is it even that much of a nuisance? Last Pass and two factor auth are no brainers for me. I ALWAYS have my phone with me so two factor is a given and Last Pass has mobile apps and lets me have a unique password for every single site. I honestly have a hard time taking people seriously if they're too lazy to use something as simple as Last Pass, etc.