So the flaw is that if one site is hacked, all the sites are hacked? And because... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		markessien on Feb 27, 2009 \| parent \| context \| favorite \| on: Why your tiered password scheme is flawed, and wha... So the flaw is that if one site is hacked, all the sites are hacked? And because of that, people will start sending spam from my account? That argument does not make sense. Most sites do not send things out using my name, and those that do have very limited options for spammers. For example flickr, or Hacker News.

philh on Feb 27, 2009 [–]

I use the same pseudonym for several sites, some of which have my email address in my profile. If I was using the same password for all of them, access to any would mean I was compromised.

I certainly wouldn't consider "they may know my password, but they'll never guess my email address" to be reasonable security.

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact