Most of us are Reddit refugees, and probably clicking more random links than we ever did before on websites we’ve never seen before. This whole experience feels like the old internet, but also throws up insane red flags with a modern internet perspective. What are the cybersecurity weaknesses we should all be looking for, and what are the best practices?

Here’s my reason for posting this. As I search for new communities across instances to follow, I sometimes end up clicking a link and I’m no longer logged in. In the corner, that could be a Sign In link or it could be phishing. It’s likely due to me not understanding how to properly navigate this system, but there’s nothing stopping someone from setting up a sight like this as far as I know.

Thoughts?

  • Ziggurat@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    16
    ·
    1 year ago

    A big one I see that if you join any instance it’s someone else computer. Not different from Meta/Reddit. But the probability that among all the instance there is one imposter who wants to steal your credential is non zero.
    As usual don’t use the same password everywhere

    • stevedidWHAT@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      I don’t understand what the point of making more than one account really is if we can view and post to or from any community or instance

      • Anony Moose@lemmy.ca
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        It’s not really required, but does have its uses. For instance, if your instance is down or heavy load, you could log in from another instance. Also, if your home instance has defederated other instances you are interested in, you can log into an alt to view content from it, etc.

      • Cethin@lemmy.zip
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        3
        ·
        1 year ago

        They don’t mean don’t use the same password for other accounts on Lemmy, they mean don’t use the same password for other accounts period. Use a password manager or something, and generate a new password for each account. If you use the same one across different services, if one gets hacked they have access to all of them that used the same credentials.

    • czarrie@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Yeah, having big companies run everything was terrible but at least you had like, a team of peeps whose job it was to make sure that the whole company didn’t implode due to a breach (because they would at a minimum be out of work or worse never get a job in the field).