Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Totally agree, it's getting scary out there. The AMOS attack really shows how attackers are stepping up their game. If even legit websites can be weaponized like that, what’s actually safe anymore?


Stop using federated login services and maintain unique accounts per service. Blacklist any service that doesn't provide their own account management.


I only did it once (fb login for airbnb) and I deeply regret to this day. Airbnb cant even migrate my account to another type (plain old username & password is best for me).

The reason - over time I started renting an apartment there, the reputation and stream of guests is simply too big wall to climb over (I mean it can be done easily but it would hurt financially pretty bad).

Now I cant get rid of that cancer that facebook is. 10 years ago it didnt seems so, my mistake, should have seen it coming.


What? You’d rather have more, smaller rando services handling your passwords than a few big names that have the resources to put into at least paying lip service to security?


Would you also need a separate email address for each account? I think most mailboxes support a recovery email address and some require one for billing.

Is truly separate accounts for everything really doable?


I don't know why you would need a separate email address. I would think the password is the important part.


I mean using google [for example] to log in everywhere vs using gmail.


Get a mail service that lets you use your own domain. Then you setup a wildcard to use any address you want with zero effort.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: