Watch out for Bezeq

[Nadav Har'El]

On Sun, Sep 01, 2013, Mord Behar wrote about "Watch out for Bezeq":
> receipts and stuff. When I signed up I provided a username and a password.
> Which they then sent me to my email address in plaintext.
> So just a reminder: don't reuse passwords, and use a "throw-away" password
> for bezeq.

This is a very important general advice, that has nothing to do with
Bezeq - don't reuse passwords for different services.

Remember the old adage - "don't write passwords down"? Forget you ever
heard that piece of advice. It is a load of crock. Do use different a
password for each service, and *do* write them down (on paper or on a
computer file). If you do not write your passwords down, you'll be tempted
to re-use a password that you already remember :(

As an example of what can happen because of reusing passwords: Three
years ago, some cracker broke into the gmail accounts of thousands of
Israelis. How? He broke into the web-site of some Israeli pizza chain,
and stole their password files. People who created an account on that
site (for ordering pizzas) were ask to supply their email address, and
also a new username and password, and the cracker now had all of those.
All he had to do next is to go to each gmail account on that email
address list, and try the password given to the pizza site. Next, he
went to Facebook, and tried his luck with the same username and
password. For a large percentage of the idiots^H^H^H^H^H^Husers, the
password was the same password used for the gmail/facebook account.
See http://www.ynet.co.il/articles/0,7340,L-3921182,00.html


-- 
Nadav Har'El                        |         Monday, Sep 2 2013, 27 Elul 5773
nyh at math.technion.ac.il             |-----------------------------------------
Phone +972-523-790466, ICQ 13349191 |"Luck is when preparation meets
http://nadav.harel.org.il           |opportunity." - Richard Sherman