I'll go first. I recently did a seminar for my church on being safe online. I taught the group how to handle passwords, basic privacy and security best practices. After the talk one gentleman told me with some embarrassment how he "manages" passwords.
I'd never heard anyone say this nor would I have thought someone would do this. He had a draft email in Gmail where he keeps his passwords.
He told me, "That's bad, isn't it?" Yes. Very bad.
So what's the worst you've heard?
70 sats \ 0 replies \ @wispy 8h
This one from early PayPal https://max.levch.in/post/724289457144070144/shamir-secret-sharing-its-3am-paul-the-head-of is wild. It was not from a lack of technicality but from no backups or safeguards, I guess.
reply
64 sats \ 2 replies \ @Taj 10h
There's the infamous MrBeast story of how he recorded his seed phrase. I'm sure you've heard it many times.
reply
21 sats \ 1 reply \ @grimtechnet 2h
I haven't heard it. What happened?
reply
0 sats \ 0 replies \ @Taj 2h
MrBeast stored his seed phrase by writing it on a Post-it note and sticking it to his laptop.
When someone swiped the funds, he publicly called the thief an idiot.
Which started a snowball of abuse pointed at MrBeast, because the real idiot was the one who wrote out the Post-it note.
The amount of Bitcoin varies, but some say it was around 50 whole coins.
reply
A lot of people I meet save their passwords on WhatsApp.
reply
Does that app have disappearing messages?
reply
Yes, it has. Some of them even say that they do it because it backs up the data, and in case they lose their phone, at least their passwords are safe.
reply
Wild. And you then tell them about Bitwarden right?
reply
Nahh! I say 'you're already fucked and you don't know.'
reply
That's lame. They should stop doing stupid stuff going forward. You can reset a password. It's not game over.
People thinking it doesn't matter is why they don't do things the right way. It gives them an excuse to be lazy.
reply
Wild
reply
54 sats \ 0 replies \ @Lumor 10h
I know someone who gets by mostly on "forgot password" and being logged on on multiple devices. Doesn't remember one password.
reply
69 sats \ 1 reply \ @optimism 13h
I worked for a company 2 decades ago where the most senior developer had his password on a post-it on his screen (this was after mandatory rotation was enforced) because his workstation had all the build environments for all the software in the company properly configured. To save time, if there was an issue with software in the field while he was off or traveling, a colleague or the service team could just walk into his office, fix the issue in the code, release a new binary and send it to the customer.
It was concurrently the most practical solution to customer support and the biggest security nightmare I've encountered.
reply
Security is inconvenient. Convenience is the enemy of security.
reply
61 sats \ 2 replies \ @Sandman 12h
Haha 😂 I have a friend who gave his passwords to his girlfriend, and claims it's for security reasons.
reply
That's like softcore findom
reply
Eh... nope. That's not security
reply