by mutagen 5058 days ago
I've done a bit of this and I suspect a few others have considered something similar, if not doing it themselves. I'm concerned about leaking a couple of these types of passwords, enough for someone to notice the pattern and apply it to the rest of your online presence. I'm sure there are black hats building personal databases of every password leak that goes by and it wouldn't be hard to do some sub-string matching to identify people making simple patterns like this.

I'm also concerned about a targeted attack against my online identity. I've had a couple of online acquaintances be the victims of targeted attacks, one holding accounts hostage as a sort of online blackmail. Someone who compromises a couple of random forums and picks up on the pattern now has the key to your online identity. I'd mitigate it somewhat by using multiple prefixes and suffixes, one set for 'throwaway' accounts and others for more important stuff. Even that tactic has issues: do you remember to change your password for that throwaway site that blew up with success and now your account is part of your online identity?

The alternatives aren't too reassuring though; I balance these risks against the possibility of my KeePass, LastPass or browser password list getting compromised.

1 comments

I don't think I am interesting enough or lucrative enough for someone to expend that much effort trying to hack my accounts. If they compromise my password on one service (and presumably gain access to thousands of other passwords), and mine is unique while others aren't, I'm betting the attack (on me) stops there.