im pro children having privacy but if you think parents should give kids unrestricted internet access…its not 1999. in 2022 thats legitimately neglectful. do you know how many kids are out here like. watching gore and porn. its not normal or healthy. its traumatic.
Using parental controls to block sites and seeing what websites your 13yo goes to- legit.
Using apps that monitor every text conversation your 17yo has with their friends- fucking invasive and creepy
i saw a post today where someone stated that they often can’t tell real information from misinformation online. i am not here to make fun of that person. that being said, the ability to figure out if information is real or not is a critical skill for everyone who uses the internet. you need to be able to do that on your own. it’s great if you can get help or if people will tell you what’s real and what’s not, but you also need to be able to do it by yourself. simple, easy tips under the cut.
Really genuinely feel like we need to bring back internet safety classes.
like this isn’t about “no one on the internet is your friend” it’s about “everyone on the internet can be entirely anonymous and disappear at a moment’s notice and you need to be aware of that and be sure of people’s intentions” it’s about “that person might be really nice and giving or they might be scamming you and you need to be able to tell the difference” it’s about “you need to be sure that the link you’re clicking on is going to take you to the right place”
it’s basic stuff i’m not trying to scare people but you need! to practice healthy skepticism online!!
If the bottom of the page turns red, it means that your email is in at least one set of data from a breach.
2. Scroll down on the page to look at the breaches your email was in. I want you to look specifically for breaches that include passwords.
What this means is that your email address, which you have used as an account name for twenty years, and your password, which you have used across platforms for twenty years, are available for anyone on the web who wants to look. It’s pretty easy to go and find too!
This is how a LOT of identity theft and fraud happens these days.
Let’s say you created your LiveJournal account when you were fifteen. You used it a lot and by the time you were twenty the credentials you created for it were familiar and you plugged them in whenever you had to create an account. You plugged them in when you created a Facebook account. You plugged them in when you created a bank account. You plugged them in when you created the account that lets you see your lab results from your doctor’s office.
All that someone has to do to seriously fuck your life is to do the following:
Find your email and password in one of these lists.
Compare to other lists and see if the same information is present
Seek out the most common account types (gmail, facebook, yahoo, hotmail, icloud, amazon, and one of about five financial institutions)
Start entering your username and password
Literally, profit.
That’s all it takes. If you used the same username and password in two accounts in a breach, you probably used it elsewhere. Maybe you put an exclamation after the password, or entered your birth year, but those are pretty easy things to guess about and well worth it if someone can send themselves all the cash in your bank or order a shitload of giftcards from your amazon account.
And look: I know it ’s really easy to not take warnings about passwords seriously. I know that if you haven’t been screwed by this yet that it’s easy to think that your password is strong enough, that you’re going to get overlooked because you’ve got less than a hundred dollars to your name, that you’re not going to have a problem with this.
People re-use passwords all the time. They re-use passwords constantly. And a lot of people don’t understand that those passwords are freely available out on the internet.
Think about what would happen if someone locked you out of your primary email account and there was no way to get back in. You go to change your password on social media and what does it do? Sends a confirmation to your email, which you now don’t control. Is your primary email one of the ways that you get information from your bank? Is it how you log into and track orders from online resellers? How do you log in to the profile on your phone? Do you have a browser profile? Do you log in with your email address? Does your browser profile save your credit card numbers?
This is why we use password managers. This is the advantage to password managers. With a password manager there is ONE password you have to be very careful to keep safe (the password to your password manager) and all the other passwords are disposable. Did your email get revealed in the Tumblr breach? NBD, use your password manager to generate a new, unique password for your tumblr account, change it, and you’re good to go.
I know it seems like a giant pain in the ass to start using a password manager. I know it seems like a much bigger headache to log into a password manager and copy passwords than it is to type in the password that you KNOW. But I promise that using a password manager is a much smaller headache than freezing your credit so that people stop applying for credit cards in your name, or trying to start a brand new email from scratch when you get locked out of your old one, or tracking down all of the photos that someone could download from your cloud storage and making sure that they aren’t getting posted on revenge porn sites.
Bitwarden is a secure, open-source password manager that has a free option for individual users. It has apps available for iOS and Android, and extensions for Firefox (which is also supported in Firefox Mobile) and Chrome. It has an extremely comprehensive tutorial series to help you learn how to use it. If you’re thinking about signing up for a password manager but you’re not sure, I strongly recommend checking out some of those videos.
I also promise that using a password manager gets easier the more you use it. It’s a big hurdle to jump over when you’re getting started, but it gets easier pretty much immediately.
And this doesn’t have to be an all-or-nothing proposition. You can create an account with a password manager and just save one login to start. It’s actually easiest if you keep it low-key and just update your logins whenever you find yourself needing to log in to a site instead of trying to go through and do it all at once before you’re familiar with the program.
I’d recommend starting with at least two things: your primary email and your primary bank account. After that update any major online retailers you shop frequently and any social media that you use often.
A password manager is also a great place to store account recovery codes, answers to security questions, previous passwords, PINs, and secondary contact methods.
A lot of people worry that a password manager is an even bigger risk than just reusing passwords or creating memorable passwords or writing passwords down in a notebook because if a password manager is breached then all of that very important data is exposed. This is a reasonable thing to fear, and that’s why it’s important to be careful about what password manager you use.
This is why I recommend Bitwarden. Bitwarden uses a very secure encryption scheme and never stores any of your data in plaintext. If Bitwarden is breached and leaks data, all that will be leaked is gibberish. What you need to worry about to keep your password manager secure are the following:
Create a good, complicated, unique password for your password manager. This password DOES need to be memorable, so pick something that will be easy for you to remember. I like to use song lyrics and the year a song was released for this, so something like “Nggyu,Nglyd,Ngraady82” if we’re using “Never Gonna Give You Up” as an example.
Make sure that you have secure recovery methods for your password manager; save your recovery passphrase in a safe place (I have a notebook with info like this and software activation codes and so on that I keep in my sock drawer, as well as a password protected folder on my desktop)
Only log in to your password manager from devices that you use a pin or password to log into - if you aren’t doing that, at least make sure to set a short vault timeout, so that your password manager will log out after a set (short) period of time
Do not use the password for your password manager anywhere else
Do not tell anyone the password for your password manager
Make sure that your devices have good security and don’t allow people remote access to your computer or devices.
Basically YOU are the only way that someone can get into your password manager. Your password is the only thing that can unlock it, which means that A) you have to ensure that you won’t lose the password and B) you have to ensure that nobody else has access to the password. I know that first one sounds scary, but there are a LOT of ways to recover a Bitwarden account if you take the time to set them up. The second one is much simpler, and is the thing that is going to keep your password manager safe.
Anyway ILU please use a password manager.
This is actually a great question. You *SHOULD* be suspicious when presented with websites that ask you to enter your email or when given advice from randos on the internet.
One of the easiest things to do when you see a novel piece of information and you want a general background on it is to check wikipedia.
The wikipedia page does a pretty good job of explaining what it *does* and does suggest that a lot of people use it, but that’s not really enough info to know whether to trust something. So it is perfectly reasonable to do a search of your actual question: “Is haveibeenpwned safe?”
This is somewhat complicated, because various search engines are going to return various answers and it’s not like any of those answers are definitive either.
So, you know that “is haveibeenpwned safe” is a computer security question, so it’s worthwhile to see what security and computer focused people say about it. The Register, PCMag, ZDNet, and HowToGeek are all computer-focused resources; you can search “haveibeenpwned” on those sites and see what they say.
But you might not trust those sites either. You may want to ask a group of internet-savvy users users. It’s kind of a joke that you need to add “reddit” to the end of a query to get a good answer these days, but sometimes that’s an effective way of getting an answer!
You can also take into consideration the history of the site: It has been around for about 10 years now, and if it were dangerous or risky to use there would be a lot of articles out about it. But when you search “is haveibeenpwned dangerous?” pretty much every site agrees that it’s safe.
Information literacy has a lot in common across a lot of different fields, and one of the things that is true across the board is that you need to be able to identify good sources of information before you can feel secure discussing a topic. It is a VERY GOOD idea to question random tech advice that you stumble across on tumblr dot com because tumblr is not generally known as a good source of tech knowledge.
The sheer number of kids who are straight up putting their real names and ages and location in their bios like “Natasha | 14 | Minor | New York, NY!” and occasionally putting their actual school or city in their tags just terrifies me like no stop stop stop remove that right now I cannot emphasize how unsafe that is for you I am begging you for your sake remove thst shit right now
