So looks like I am under attack. All my accounts are showing up with suspicious activities. Everything from paypal to twitch even my digital ocean account and Amazon. WTH. They haven't got into anything that I know of as I change passwords often but what the hell.
@omnipotens hope it all works out in your favour
@Horizon_Innovations So far other than annoyance of having my accounts continuously locked out no biggy at the moment.
@omnipotens If there's anyway we (the linuxrocks community) can help, please let us know. We all owe you a big favour.
@frankstrater No, unless you know someone at amazon, twitch, digital ocean, paypal, reddit, Steam, Namecheap, gpdaddy, twitter. Who have access to the logs to see who in the hell keeps trying to get into my accounts lol. They keep locking my accounts trying to get in.
@omnipotens It’s unlikely that logs will confirm who the attacker is (unless they are really careless in their own OpSec). I can show you the logs of our PeerTube instance which do contain failed probe entries on you and all our Mastodon moderators. I’m more thinking of adversary analysis anyway, although that might be a dead end as well.
@frankstrater Oh I know lol these days its almost impossible
@omnipotens password manager?
@Loonie my password manager is in my head. I use 32 character randomized password for every site so I very seriously don't think it has anything to do with passwords.
If your curious i have always used randomized characters as password normally 6 to 8 characters. Many many years ago I started to combine those to a larger password then I take the first letter of the sight change that to a number. Same with second char. Then for ever char in $2 slot replace with $1 value and divide by 2 if longer
@omnipotens wow good security measures.
I basically have 5 passwords.
But enhancing them and modifying now due to all of a sudden info being released on multiple breaches. Including sites I have never heard of.
I also use multiple emails now to separate types of stuff.
ANickname@mail for useless sites.
Personal@mail for a few personal sites.
But each group has there own password.
I have never had issues until wife started separation process.
@Loonie yea I do the same I have several domains one domain gnushell.com is for all social geek related boards then I have one for financial that has several accounts depends on what the financial subject is and all junk and registrations go to idontwantyourdamnemail.com
I think I am around 20 emails and 40 aliases just because like my bank gets its own email address. I never really think about it as my client checks them all at once anyway.
Nice. Sadly that email is so long.
I got a xyz domain for $1yr.
Thinking to pick up another to do just that.
Do 1 personal & 1 misc.
Setup a catchall email and do
1*@name 2*@name etc.
But I need to figure out how to come up with more uncommon passwords. Besides numbers for letters etc
@Loonie length don't bother me you normally type it once and never again that and most applications auto fill anyway.
@Loonie example of my passwords
Site like LR
Once you do it enough it becomes second nature and don't even think about it.
Thanks I will have to implement something sim.
I have a pw manager but fail to save everything to it.
@Loonie when I need to change password I rotate the smaller segment and redo the calculations in the first post.
Sounds complicated but its really not. By looking at the site name and basic math you know what the password is or at lease one of 3 combinations of segments. If password is exposed I drop one segment and all passwords and start using another segment of 6 to 8 randomized characters. I been doing it so long I can look at a site name and within 5 seconds know what my password is.
Linux Geeks doing what Linux Geeks do..