NetTalk Central

News and Announcements => Your Views and Comments => Topic started by: jslarve on August 01, 2018, 10:38:25 AM

Title: Reddit and 2FA Security Incident
Post by: jslarve on August 01, 2018, 10:38:25 AM
https://www.reddit.com/r/announcements/comments/93qnm5/we_had_a_security_incident_heres_what_you_need_to/
Title: Re: Reddit and 2FA Security Incident
Post by: Bruce on August 01, 2018, 10:34:33 PM
hi Jeff,

While I'm sure this post is meant to be helpful, I fear that if we report every security breach here we will rapidly dwarf all the other posts on the forum. There are literally dozens of security breaches each (year? month? week?) and if you pay even the slightest attention you'll know that Security is important to worry about.

As a _user_ there are simple things you can do to limit the damage from any one site.
a) Never reuse passwords. Use a password manager, and generate a unique, random, long, password for every site you register at.
b) Turn on 2 factor authentication where it is available.

As a _developer_ you should be taking the security of your web properties seriously. At the bare minimum this means keeping reasonably up to date with NetTalk. I'm not saying every single build, but updating every quarter or so is a must. Security is a moving target, and there are continual changes to security best practices, updates to possible vulnerabilities and so on.
Given the number of people still using old NetTalk versions (I'm looking at you NetTalk 9 and NetTalk 8 users) most of my advice in this area seems to fall on deaf years.

cheers
Bruce