Donebrokeit
Donebrokeit Reader
9/26/12 3:27 p.m.

Ok this is bullE36 M3! In the last two weeks two of my three E-Mail accounts have been hacked open, all have new passwords and this is the third time this year a breach has happened. All three are Yahoo accounts. I keep nothing of value in my accounts but I do not like people just diggin around in my E-Mail.

Can anyone suggest a more secure service?

Thanks Paul B

Anti-stance
Anti-stance SuperDork
9/26/12 3:30 p.m.

Any other service. I too, have been hacked multiple times this year.

peter
peter HalfDork
9/26/12 3:33 p.m.

How was this Yahoo's fault? (serious question)

Usually it's weak passwords.

Choose a better one

If you're lazy

Mike
Mike Reader
9/26/12 3:37 p.m.

I don't know much about it, but Yahoo does have a multifactor authentication feature.

http://www.ymailblog.com/blog/2011/12/yahoo-introduces-stronger-user-authentication-%E2%80%93-second-sign-in-verification/

Donebrokeit
Donebrokeit Reader
9/26/12 3:38 p.m.

I would have thought a password with 15 letters (lower and upper case)/numbers would be enough for a non-military account. Should I up it to 20?

Paul B

Keith Tanner
Keith Tanner MegaDork
9/26/12 3:41 p.m.

Go with the multifactor authentication that Mike suggested.

peter
peter HalfDork
9/26/12 3:41 p.m.
Donebrokeit wrote: I would have thought a password with 15 letters (lower and upper case)/numbers would be enough for a non-military account. Should I up it to 20? Paul B

My Yahoo password is not an XKCD password. 12 characters, single case, with special characters. Fairly weak. No issues, afaik.

Mike
Mike Reader
9/26/12 3:43 p.m.

Stronger passwords are important, sure. I'm not a big fan of the XKCD method. I like password managers. I've used KeePass before, and it's really nice. I still use it at work. For my personal stuff, I like LastPass. Set a unique password at each site, and try to use the toughest settings the site allows.

carguy123
carguy123 PowerDork
9/26/12 3:50 p.m.

And then you can't remember your password so you write it down and there goes the "strength" or you forget it and can't access your account.

robertcope
robertcope New Reader
9/26/12 3:56 p.m.

The best thing to do is to use a password management tool such as KeePass.

Mike is wise.

robert

Mike
Mike Reader
9/26/12 5:46 p.m.

One more thing: In your answers to security questions, you can lie. Anyone who knows your porn name can get into your account because they know the name of your first pet and the first street you lived on. Lie. The name of your first pet is bpF8dXC4GAuYSF8Znm and the name of the first street you lived on is pF5dmS9j76gPQ337Fh. Store that in your password manager under the notes section.

Now, if you're using a hosted product like LastPass, they'll take care of storage and backups for you. If you're using KeePass, or some other manager that keeps your password file client-side, make sure you back the file up. Many backup services and online drives have a free tier. Your password file should be under a megabyte. A particularly good combination is a KeePass file stored on Dropbox. Every time you change a password and save, Dropbox will ensure that the file is synced to their servers and to all of your other devices, automatically.

carguy123 wrote: And then you can't remember your password so you write it down and there goes the "strength" or you forget it and can't access your account.

That's the good thing about password managers. You remember one really good password, and possibly use a second factor for additional security. The password manager stores the really long, difficult passwords for you in an encrypted container. Most also keep usernames and web addresses together, and type everything into forms for you as needed. They'll remind you to change passwords if you want to set a maximum password age for yourself. Some will audit the length and quality of your passwords, and look for places where you've used the same password in two places.
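Added example, not written by anyone in this thread and not taken from KeePass or LastPass: a small Python sketch of two things the post above describes, generating random answers for security questions and auditing a password list for short or reused entries. The vault contents, the function names and the 15-character threshold (taken from the password length mentioned earlier in the thread) are assumptions made for illustration.

```python
import math
import secrets
import string
from collections import defaultdict

ALPHABET = string.ascii_letters + string.digits  # 62 symbols

def random_answer(length=18):
    """Random string for a password or a made-up security-question answer."""
    # secrets draws from the OS CSPRNG; the random module is not suitable here.
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Entropy of a uniformly random string (not valid for human-chosen text)."""
    return length * math.log2(alphabet_size)

def audit(entries, min_length=15):
    """Return (short, reused): sites with short passwords, and groups of
    sites that share the same password."""
    short = sorted(site for site, pw in entries.items() if len(pw) < min_length)
    by_password = defaultdict(list)
    for site, pw in entries.items():
        by_password[pw].append(site)
    reused = sorted(sorted(s) for s in by_password.values() if len(s) > 1)
    return short, reused

# Constructed sample vault (site -> password); not real credentials.
SAMPLE_VAULT = {
    "mail.example": "Tr0ub4dor&3",
    "forum.example": "Tr0ub4dor&3",
    "bank.example": "hV7qLm2XzP0sRb9TdK4w",
    "shop.example": "kP3nW8yQ1uZx6LcA",
}

if __name__ == "__main__":
    short, reused = audit(SAMPLE_VAULT)
    print("too short:", short)
    print("reused:", reused)
    print("new security answer:", random_answer())
    print("bits in an 18-character answer: %.0f" % entropy_bits(18))
```
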

carguy123
carguy123 PowerDork
9/26/12 6:21 p.m.
Mike wrote: That's the good thing about password managers. You remember one really good password, and possibly use a second factor for additional security. The password manager stores the really long, difficult passwords for you in an encrypted container. Most also keep usernames and web addresses together, and type everything into forms for you as needed. They'll remind you to change passwords if you want to set a maximum password age for yourself. Some will audit the length and quality of your passwords, and look for places where you've used the same password in two places.

Then someone hacks them and they have your whole life.
