I mean, pretending to be someone in another instance, “stealing” the username, is trivial. I see the more likely targets being instance admins or high profile users. Should we worry somewhat about this?

  • n2burns@lemmy.ca
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    So try having at least 3 different passwords for personal accounts/websites

    That’s terrible advice when password managers are a thing. Also, this is about impersonation, not credential theft.

      • SaituriHiiva
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Most people have one in their browser. While I personally would recommend a proper password manager, it’s still better than reusing passwords.

        Plus, if you know how to make a user on a lemmy instance (or any other web application), you pretty much know how to set up a password manager. If you know how to install an app on your phone and an extension in a browser, you’ll be able to use autocomplete pretty much always.

        If you’re worried about the costs, bitwardens free plan is pretty good (and with some know-how you can even self host). There’s probably other free ones too, but that’s what I’ve been happily using.