top | item 30555982

(no title)

thejerz | 4 years ago

> There’s no need to change passwords if they're robust, unique and not breached

This assumes you'll know if passwords were exposed in a breach. Some breaches go undetected.

discuss

dylan604|4 years ago

Another comment that reads as if they are skipping the "unique" part of the text they are quoting.

If you use unique passwords for everything and a leak goes undetected, the damage is contained to just that one site/service.

cherry picking quotes to nitpick is only effective if you address the full quote rather than cherry picking a point of a cherry picked quote

spicybright|4 years ago

It's honestly strange this has to be said as it's such an obvious thing.

jandrese|4 years ago

This also assumes that changing the password would effectively lock out attackers that have already breached your systems.

spicybright|4 years ago

It's vastly more likely you'll be pwned by remote passwords than local programs. Even if it is a local program, there's so many ways to store a password there's no automated way to reliably get a password. Your threat model will become a person targeting you specifically, thumbing through your files to find information, etc.