What happens if someone emails you your REAL password?

bingewatching jim's vids on patreons and i use a password manager, but this prompted me to look into stuff on my google & find out that i have tons of accounts on different sites that have been compromised. no real issues since they're all old accounts & none have saved cards (plus all the websites luckily updated their security to stop anyone from logging in to a compromised account), but still !! never would've realized otherwise

marika cpl

If you use a catch all account, these emails are even funnier. For those who don’t know, when I sign up for a service, I never give my main email address that I login with. I sign up with the “name of company” @mydomain.com. So, to my surprise, when I get a threat to say my old MySpace email login, I can only laugh because it’s not something I used outside of MySpace. But, there are other issues that can happen using a catch all so it’s not completely issue free. Jim, what is your thoughts on Google Chrome password manager?

Josh

Thanks so much for the revelation of yet another scam!

PapiKink

thanks for this video and advice. I had gotten one in the past and was directed to the site to check for other data breaches. I had the linked in one and ended up just deleting my account and resetting other passwords on sites that had been breached. This is a great video and should get more air time so that others can see this. It happens a lot. Thank goodness I am somewhat a "techie" myself and can figure out this kind of stuff. It also helps to be suspicious by nature. LOL!

Mary Torrez-Watson

I recently tried out a bunch of password managers to recommend to my technologically-challenged friends. My goal was a lightweight app, free (no ads), an unlimited number of entries, portable between devices, no third-party cloud storage (usable offline), strong encryption, and a very very simple user interface. After trying four or five of the ones recommended on tech sites, I reverted to the one I have been using for more than 10 years - opensource PasswordSafe. I use it not just for website logins, but for all sorts of information that I want to keep secured, such as the code to "unlock" the stereo system in my car after the battery has been changed. Why rummage around for codes you might need once in five years? My current database has nearly 300 entries, including websites that I may have logged into only once many moons ago.

I got one just recently, with a password, but I had never used that password for anything. They threatened to send a "compromising video" to my Facebook friends (I don't have a Facebook account) and I keep a piece of paper taped over my webcam.,,, It is a hot scam.

No problem....glad this is useful.

Jim Browning

Thank you for your information. Got e-mail like this. Followed your advise to check https://haveibeenpwned.com/. Found the site i used on the list ("Houzz:"). Thankfully it went to junk mail. Got a few of them for about 6 months until it stopped. All went to junk mail. Changed my passwords as you advised. Thank you again.

Aliaksei Ivanov

I got one of these emails.. Freaked a little, but it was an old password, and one I didn't use for anything important... so, no worries, but thanks for the video.

Joseph Brzezinski

Very odd - Maybe Dashlane will look into this?

Jim Browning

Jim, I love the idea of Dashlane, however I ultimately had to disable it. I'm a web developer and have been experiencing oddities when testing new jQuery code on my site. Not sure why, but each time i did a simple .show() rather than execute and show using my selector, a new dashlane hidden div was added to the DOM. as soon as I disabled dashlane, my script worked as expected. I'm guessing it could be a namespacing collision, but alas I do not have time to look into the details. I'll be sure to send a report to dashlane as well. -Cheers, Kevin

Maybe I'm lucky then... as yet, I've not had one of these emails, but I know it's only a matter of time. I'm certainly not betting against it next year.

Jim Browning

I get these I just laugh I find them funny esp when there spelling mistakes in them or a really old password :D

That's a really good tip Kevin... simple substitutions and rule-based password schemes would put a lot of the 'compromised account' worries to bed if people used simple tricks like these. I intended to do something similar myself, but came across Lastpass when contemplating hardening my account security, and went that route instead. Dashlane looks good for the account monitoring service (and the VPN is a nice touch), so I'm finally having a look at it now.

Thanks Bonnie. I'm a Troy Hunt YT subscriber myself.

Jim Browning

You are not selling out. I have used a password manager for years and love it! (I have followed Troy Hunt for years as well. He knows his stuff.)

Password managers are great, however I like using a plain old password system (POPS if you will :) ). I do something like the following (not my actual password, just an example) a word + some numbers + first three letters of the domain or software you are using. Orange317!ama (for amazon) Orange317!qui (for quickbooks) You can even get fancier and intersperse the 3 letters within your password with caps OArangeM317!A (again for amazon) OQrangeU317!I (again for quickbooks) In this example you just need to remember the one password, Orange317 how you plug in the first three letters. I've been using this method for nearly a decade and its pretty flawless. Re: being a sellout, definitely not. Any level of success is bound to come with sponsorships. As long as you believe in the product, that's all that matters. I wish you all the luck and success you deserve in 2019 Mr. Browning!