c/cybersecurity-tips

Changed my mind about using the same password everywhere after my friend in Austin got his Instagram hacked last month.

He used 'AustinRocks2023' for his email, bank, and social media, and a keylogger on a sketchy game download got everything, which convinced me to finally set up a password manager with 16-character random strings for each account.

3 comments

matthew864•5d ago

Vent: That $40 password manager felt like a waste until my old email got hit

I bought a year of a password manager for about $40 last fall and honestly thought it was just extra work. Then a few weeks ago, I got a bunch of alerts about someone trying to log into an old Yahoo account I still used for some things. Because the manager had made a unique, strong password for it, they couldn't get in. It would have been a real mess if that old account was a gateway to other stuff. Has anyone else had a close call that made a basic tool suddenly worth it?

2 comments

seanjohnson•5d ago

My cousin in Seattle kept telling me to turn off Bluetooth when I'm not using it, and I finally listened after my phone tried to connect to a weird 'Free_WiFi' device at the airport.

Has anyone else caught their phone trying to pair with something sketchy like that?

2 comments

vera_lewis•5d ago

Pro tip: I finally set up a separate email just for online accounts after my main one got hit with a dozen spam sign-ups last month.

It took maybe 20 minutes to make the new Gmail address and start switching things over, and now my regular inbox is way quieter... anyone else do this and have a good system for remembering which account is for what?

2 comments

jamie130•7d ago

Got my first real phishing test at work last month and it changed my whole routine.

The fake email looked exactly like our IT department's usual alerts. Now I hover over every single link before I click, even on my personal laptop. Anyone have a good way to quickly check a sender's real email address?

2 comments

leo_murphy•7d ago

Can we talk about password managers versus the 'passphrase' method?

I see a lot of people pushing password managers as the only safe way to go, but I disagree. For years, I used a well-known manager, but a breach at the company that made it left me feeling exposed. I switched to creating my own long, unique passphrases for each site, like 'correct-horse-battery-staple-2024-bank'. It takes a bit more memory, but I control it completely. The manager was convenient, but it felt like putting all my keys in one digital lockbox that someone else held. My method might not be for everyone, but after that scare, I trust my own system more. Has anyone else moved away from a manager after a bad experience?

2 comments

jenniferlane•7d ago

My dad always said to write my passwords on a sticky note under my keyboard, which seemed crazy until my email got hacked from a data breach last month.

I mean, he was totally wrong, because now I use a password manager and have a different, strong password for every site, so has anyone else had a family member give them really bad security advice that backfired?

2 comments

thomas_gonzalez•8d ago

Vent: A hotel wifi hack in Denver made me stop using public networks cold turkey

I was at a conference in Denver last month and connected to the hotel's free wifi to check my email. Within an hour, I got alerts for three login attempts from a city I've never been to. The hotel's network was wide open, no password, and someone had set up a fake portal that looked legit. Now I'm totally against using any public wifi, even with a VPN, because that risk feels too high. But my coworker says I'm being paranoid and that a good VPN is enough for checking basic stuff. What's your take? Do you ever use hotel or cafe wifi, or do you avoid it completely?

3 comments

abby189•8d ago

Heard a guy at the hardware store say his password was his kid's birthday

Honestly, it made me think about how many people use easy-to-guess personal info. I started using a password manager after that and it's way less stressful. Anyone else have a simple switch that made a big difference?

3 comments

theaward•10d ago

Cleaned out my old email and found over 1,200 unread newsletters

I finally went through my personal email inbox last weekend. I knew it was bad, but the number that shocked me was 1,247 unread newsletters and marketing emails. I never open them, but they just pile up. It hit me that this is a huge security risk I never thought about. Each one is a potential phishing attempt hiding in plain sight, and if my email ever got breached, that's over a thousand points of data about my interests and habits. I spent three hours unsubscribing from everything, starting with the oldest ones. It felt like cleaning digital clutter, but it's really about reducing my attack surface. Has anyone else done a big purge like this and noticed fewer sketchy emails getting through?

3 comments

max330•14d ago

My cousin in IT told me to always use a password manager, I thought it was overkill.

He said reusing passwords was the biggest risk for normal people. After my old email got hacked last month from a data breach, I saw he was totally right. Anyone else have a simple tip that seemed silly but saved you?

3 comments

juliahall•16d ago

Hot take: your 'strong' password is probably still weak

I was helping my aunt set up her new laptop yesterday, and she proudly told me her password was 'Fluffy2024!' because it had a capital letter, numbers, and a symbol. I had to gently explain that's exactly the kind of password cracking software guesses first. It's a common word plus a common year pattern. The real kicker was when she said her bank made her use that format, so she thought it was safe. It made me realize how much bad advice is still out there. We need to move past these simple rules and tell people to use long, random passphrases or a password manager. Stuff like 'correct-horse-battery-staple' is way stronger than 'P@ssw0rd1'. Has anyone else had to undo this kind of well-meaning but wrong password thinking for family?

3 comments

olivia_park•17d ago

I just spent $60 on a password manager and it already saved my bacon

I always thought writing them down was fine until my notebook got soaked in a coffee spill last week. Now I see the value in having everything encrypted and backed up. Has anyone else had a close call that made them switch their security habits?

3 comments

mark_cooper•18d ago

Just realized I was setting up my home network all wrong for years

I was helping my nephew with his laptop last month and he asked why my Wi-Fi had such an old security type. I was still using WPA2 Personal, which I set up back in 2018, and never thought to change it. It hit me that I hadn't even looked at my router settings since I first plugged it in. I've now switched to WPA3 and feel way better about it. Has anyone else had a moment like this with their own home setup?

3 comments

emma_morgan•18d ago

Pro tip: I just blocked my 10,000th login attempt on my home server

In my experience, setting up a simple fail2ban rule to block IPs after 5 bad tries caught way more bots than I expected. The log showed over 9,000 attempts came from just three IP ranges in a single week. It really shows you can't just rely on a strong password alone. Has anyone else seen a specific number that made them step up their basic network security?

3 comments

bettywilson•21d ago

My neighbor's smart doorbell got hacked and started talking to his kids

It happened in our apartment building in Austin last month, and the voice was telling them to open the door for a delivery that wasn't real. I looked it up and found out the default password was never changed, so now I check every smart device I set up. What's the first thing you do when you get a new gadget that connects to your wifi?

3 comments

nancy351•21d ago

Vent: My password system was a joke until I saw my own data on a paste site

For years I used the same base password with small changes for each site, like adding 'fb1' for Facebook or 'amz2' for Amazon. I thought it was clever and easy to remember. Then last week, a friend sent me a link to a site that lists leaked passwords and usernames. I typed in my old email address, the one I used from 2010 to 2018. There it was, my 'base' password from an old forum breach, plain as day. Seeing it sitting there in a public list, with all my variations basically spelled out next to it, was a real gut punch. It meant anyone who found that list could easily guess my logins for a dozen other places. I spent all of last Sunday changing every single password to completely different, long ones stored in a password manager. Has anyone else had that moment where they saw their own bad security habit written out in the open like that?

3 comments

the_charlie•24d ago

My friend's email got hacked last Tuesday and they sent a fake invoice to everyone

It was a bad week because they used a simple password they had for years. Has anyone else had to help someone clean up after their account got taken over?

3 comments

matthew864•24d ago

My friend's laptop got hit at a coffee shop in Denver last month

We were just working on a project when his screen froze and a ransom note popped up. He had connected to the public Wi-Fi without using a VPN. It cost him over $300 to get his files back from a backup, and he lost a whole day's work. Now I won't even check my email on public networks without my VPN turned on first. What's your go-to method for staying safe on free Wi-Fi?

3 comments

simong79•25d ago

My friend said to never click 'unsubscribe' on spam emails, and he was dead right.

I got a phishing email that looked legit last week, clicked unsubscribe, and my inbox got flooded with 10x more junk. It just confirms your address is active. Anyone have a better way to handle those fake 'shipping notification' scams?

3 comments

jordanh31•26d ago

My neighbor's story about a fake package text made me check my own habits

Last week, my neighbor in Phoenix got a text saying a package was held and needed a small fee to be released. It looked real, with a link to a site that copied the real carrier's page. She almost put in her card info but called the carrier instead. They told her it was a common scam, especially around the holidays. It made me realize how easy it is to click without thinking when you're expecting a delivery. Has anyone else seen these fake delivery texts get more convincing lately?

3 comments

thea_chen•27d ago

My cousin's Facebook got cloned last Tuesday and they almost sent money to a scammer.

I was at a coffee shop when my aunt called me panicking because she got a message from 'my cousin' asking for $500 for an 'emergency car repair' in Dallas, but I knew he was actually on vacation in Florida, so I told her to call his real number first, which stopped the whole thing. Has anyone else had a family member's social media cloned like this, and what steps did you take to report it and warn others?

3 comments

keith264•28d ago

That time my boss clicked a fake invoice link and locked our whole office network

It was a Tuesday morning in our Chicago office when my boss got an email that looked exactly like our regular invoice from our paper supplier. He clicked the link, and within 10 minutes, our entire network was locked by ransomware. We had to shut everything down for two days while we restored from our last good backup on the external drive. What's the best way you've found to train non-tech people to spot these kinds of phishing emails?

3 comments

coleman.seth•28d ago

My neighbor in Phoenix still uses his dog's name as his wifi password

I was helping him set up a new smart light last week and he just said 'it's easy to remember, it's just Buddy2024'. I told him that's the first thing a hacker would try if they knew he had a dog. He shrugged and said nobody would bother with his stuff. Anyone else run into people who think basic security is too much hassle?

3 comments

wade_perez•28d ago

My brother called my password 'a birthday gift for hackers'

He saw me type in my old password, which was just my dog's name and the year 2020, and said it would take a bot about 3 seconds to crack. I switched to using a passphrase with four random words and numbers, like 'correcthorsebatterystaple99'. What's a good way you guys come up with strong but easy-to-remember passwords?

3 comments