What is bad for users to set simple or the same passwords on different sites? Many do not believe that there is something terrible, well, let’s take an account on some forum, so what? Or just put a simple temporary password, then change it to the supposedly reliable, and this of course never happens.
So, what is the danger, even if you do not forward any confidential information, and account for you not seem valuable?
Attackers who get access to it, are likely to use it for some fraud. Most often it is the spread of Trojans, about selling equipment or currency exchange. Personal messages begging for money from friends contact. Also often hacked accounts are used to communicate criminals or evidence about the success of trades with scammers.
So carelessness in relation to its security is threatened not only by loss account and promotes the fraud and Commission of other criminal acts. Moreover, if there is a record in law enforcement about the incident(and there are more and more), then it is likely you will request data about the attackers and accomplices, and your account there will appear. If you are involved in a crime, you’ll probably be able to prove it, but why should it spend time and nerves?
As it is now most often gain access to accounts on forums and other sites? Because any sane resource is protection from brute force password attacks, to accounts passwords have not selected, select the account to passwords. For example, it is known that the password 123456 is the most frequently used of the simple and banished for the whole list of users with different IP, in the hope that someone will fall for it. And do fall. As if to drive so more than one password, and the 50 most frequently used, including combinations such as nickname+1 as the password? The harvest will be much higher.
The second most popular method is the use of bases with other compromised resources. Say, broke some ground, and if failed to remove database of usernames and passwords, then surely you can find someone who uses the same login information on other sites. And the same girder is arranged on all exchanges, forums, social networks, instant messengers and other sites which attackers can get something. If in database there are emails, also is an attempt to access mail. Recall that the only known compromised sites are already very much base who calmly walk across darknet, for example BitcoinTalk.org, BTC-E.com, MtGox.com etc.
What to do if you keep in mind a lot of passwords is difficult? If different ways. For example, use so-called housekeeper type KeePass, where you have to remember only the password from the housekeeper, and the rest of the passwords to take from it. Or you can have a base password and the algorithm changes depending on the resource. For example: base password + the first 4 characters from the domain. Thus it is not necessary to remember all the passwords and depend on the availability of a housekeeper at hand, it is enough to remember one base password and the algorithm of its changes. The options here are many, if you ask for, you can still find.
Important — this end to ask. Because at stake is not only your account, but you may unwittingly become an accomplice in the crime can be affected by other people, and you then have to spend time and nerves on proving that it’s not you with your account committed these acts.
So if you have a weak password, or he’s a lot more where used, better change it right now, not postponing. Then suddenly may become later/
I also want to warn you that the forum Forum.bits.media blocked all accounts that were obtained unauthorized access if it detects such a fact.