This way every single site has a gibberish super long username & password that can't be brute forced & you never store the secret anywhere since you can easily memorize it & only give it to the encoder when rebuilding the username or password 👍 #Security#Password#Privacy#Dev
This is a similar way to how I used to build credentials for sites that were unique and yet memorable since most sites just stored the hash and never the full password. But after dozens of full password leaks from various sites you really can't trust every site to keep a secret.
Now, ideally you would want to put this in a little app on your phone that uses the clipboard or a browser plugin to make it really quick to just type in the pseudo username and password & have it automatically encoded it to the right one for the site. But no more storing creds.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
I always get a little excited when I convince #ChatGPT to do something it normally refuses to do 🏆
It wouldn't make me an email list of common names, but it would make a list of names with extra stuff added on the end on subsequent prompts 😉 #OpenAI#gpt3
PS: None of those email addresses are real so far as I know. They are just different permutations based on input to ChatGPT 🤣 So if you think somehow you're going to reach any of those people you're dreaming. But you might find a scammer camped out on their name 🍿
🔥 Had @LastPass not leaked their entire password database I would be safe right now even if attackers has my real password. They claim this is a “feature” that makes them extra secure. This is on them but I was dumb enough to believe they could keep their data & source safe 🔥
Remember when CAPTCHA was billed to us as free cutting edge bot detection when in reality we were all training Google Maps to read street signs & OACR for digitizing books & optimizing search? 🤔
If something is free then you’re ALWAYS the product 😎 #OpenAI#ChatGPT#AI
However this time they trained the heck out of the model to give it a solid foundation before allowing the public’s to start poisoning it. And now adoption is so high that good information outweighs bad information & it’s still being curated & hand held to gravitate towards truth
I don’t know how any other company will be able to catch up with @OpenAI and @Microsoft are so far ahead. But I look forward to seeing other companies try and they will have to now. They have no choice at this point since conventional search is garbage now by comparison.
I absolutely love #ChatGPT and think it is one of the biggest leaps forward in technology we have seen in our lifetimes revolutionizing how quickly we can acquire & apply knowledge.
That's why it sucks that @Microsoft basically controls it since it can't exist without @Azure 🤣
So, enjoy these early days of the technology where it's the wild wild west and you can still get some truly unique experiences with it because once it's a retail product it will have its wings clipped for anything that would enable someone to develop their own AI or rival MS.
Microsoft really needs to keep their foot on this technology and make sure it isn't replicated by anyone else. Remember, the code isn't what makes this product special, it's the training & dataset which is all empowered by the 2nd largest datacenter in the world @Azure.
To those of you that think I'm fear mongering by telling people to stop using online password managers I'll just say "Good!"! I want people to be scared! I don't want anyone to go through what I'm going through right now when a FIDO key can stop it! #Secamzn.to/3GMEJWf
If nothing else just get one & use it for your primary email address that you use for creating all of your other accounts online. If someone gets your primary email they own literally everything & prevent you from ever changing passwords, etc on things they don't take over.
So long as you have a physical rolling authentication like FIDO you can disable the 2FA recovery keys on your account or only physically print and store them in a safe offline only & ensure they can only be re-rolled or changed with the physical key which will save you!
The trick to combatting scammers & spammers at scale isn’t to block, delete or ignore them but rather engage them with adversarial bots that lure them & follow their breadcrumb trail by emulating real humans making real victims harder to find than needles in a haystack @MKBHD 😈
What I would start with is creating a matrix of all the common tells of a scam bot & use regular expressions to classify & weight them.
Ex.
- Account name contains social network name or abbreviation
- Message contains reference to other platform
- Emoji Pointers
- Dupe Posts
Then I would create a few
thousand accounts on each
platform using scripts to
automate speech to text to
resolve captchas (their weak
spot) & roll IP's through TOR or
VPN to avoid bot detection using
scammers own tricks. I'd use
face generator to make unique
profile images 😎