# Twitter warning



## RJ Keller (Mar 9, 2009)

There are a series of Tweets going around about a website called "Twitviewer." They claim you can see who's been looking at your profile by going to their site. When you click on the link and go to the site, you are asked to type in your Twitter ID and password.

*DO NOT DO IT.*

It's a phishing scam. If you have already done it, change your password. Pronto.


----------



## koolmnbv (Mar 25, 2009)

Thanks for posting about this.


----------



## carlobee (Jul 21, 2009)

thanks for this warning. what do they do to your account if you've given your ID and password by the way?


----------



## koolmnbv (Mar 25, 2009)

carlobee said:


> thanks for this warning. what do they do to your account if you've given your ID and password by the way?


O yes good question


----------



## Shizu (Oct 27, 2008)

Thanks for the warning. I always get suspicious when the site asks for my ID and password.


----------



## Shizu (Oct 27, 2008)

carlobee said:


> thanks for this warning. what do they do to your account if you've given your ID and password by the way?


Some people like to use same ID and password for other site so... they might be able to figure out that person's ID and password from that??


----------



## koolmnbv (Mar 25, 2009)

Shizu said:


> Some people like to use same ID and password for other site so... they might be able to figure out that person's ID and password from that??


 Yep thats good thinking, I do that on most basic websites so they'd have gotten to me.


----------



## sigrosenblum (Dec 22, 2008)

I understand that it is not the best practice to use the same username and password for everything. I used to do that but now do simple variations of my basic ID. 

Some I remember. Most I do not. So I have a file with all of them listed and have a shortcut to that file on my desktop. Works pretty well. And I feel a lot more secure. Any other ideas?


----------



## pidgeon92 (Oct 27, 2008)

If you use a Mac, I highly recommend 1Password.


----------



## CegAbq (Mar 17, 2009)

I use LastPass.com; I can sync between my 3 different computers (netbook, laptop, work desktop) (I could also get it on my smartphone if I was willing to py; I just usually don't use my smartphone to access sensitive sites)


----------



## meglet (Feb 14, 2009)

pidgeon92 said:


> If you use a Mac, I highly recommend 1Password.


Unless you're using the new Snow Leopard OS on your Mac. As of yesterday afternoon (Friday 8/2 1Password didn't work with Snow Leopard. There may or may not be a fix coming, I don't use 1Password myself so I haven't really followed along.


----------



## pidgeon92 (Oct 27, 2008)

A lot of things are going to have difficulty with Snow Leopard initially.

Here's a note on their website:



> 1Password 3 (currently in beta) is fully compatible with Snow Leopard. To learn more about 1Password and Snow Leopard please visit our blog!


----------



## Betsy the Quilter (Oct 27, 2008)

sigrosenblum said:


> I understand that it is not the best practice to use the same username and password for everything. I used to do that but now do simple variations of my basic ID.
> 
> Some I remember. Most I do not. So I have a file with all of them listed and have a shortcut to that file on my desktop. Works pretty well. And I feel a lot more secure. Any other ideas?


I use a base word, for example Kindle. then add something that relates to the website that I can figure out from looking at the website, say, number of syllables in the domain name (KindleBoards would have 3) or the 3rd letter in the domain name or something and put that somewhere in the baseword, consistently in the same place.... I also have two basewords. One I use most the time, one I use sometimes, usually when I have to change a password and the site won't let me reuse the old one. Some sites require a capital letter, I always make the same letter, say the 3rd letter of the password, the capital one.

This is somewhat obsessive, I know. Do I really care if someone finds out the password I use for KindleBoards? Am I afraid they might start posting on my behalf but with uglier hats? I don't know...

Note: this is not the scheme I use for any of my financial websites (banks, cc's,etc, that's a WHOLE 'nother scheme that I'm not telling. )

Betsy


----------



## sigrosenblum (Dec 22, 2008)

Betsy the Quilter said:


> I use a base word, for example Kindle. then add something that relates to the website that I can figure out from looking at the website, say, number of syllables in the domain name (KindleBoards would have 3) or the 3rd letter in the domain name or something and put that somewhere in the baseword, consistently in the same place.... I also have two basewords. One I use most the time, one I use sometimes, usually when I have to change a password and the site won't let me reuse the old one. Some sites require a capital letter, I always make the same letter, say the 3rd letter of the password, the capital one.
> 
> This is somewhat obsessive, I know. Do I really care if someone finds out the password I use for KindleBoards? Am I afraid they might start posting on my behalf but with uglier hats? I don't know...
> 
> ...


This makes sense, but would tax my simple mind. Too bad one has to worry about these things.


----------



## Betsy the Quilter (Oct 27, 2008)

Really, it's not that complicated. I tried to make it more generic below. You could really just use the letter that the website starts with and the number of letters in the domain at the end only if a number is required. So it would be Kindlek for Kindleboards, Kindlen for the New York times, Kindlew for the Washingtonpost, etc. If a number is required it would be Kindlek12 for Kindleboards, Kindlen7 for nytimes.com, kindlew14 for washingtonpost.com. (Kindle isn't my base word).

Sometimes I have to try twice if I don't remember that a number is required, or if a capital letter is required.

If I wrote things down, I'd have to keep track of the file or piece of paper.  This is way easier for me. Plus having a file on my computer with my passwords doesn't seem secure to me either as hackers can pull things from files.  I hope your file isn't called "Passwords"

You're right, it's too bad we have to worry about this stuff!

Betsy


----------



## Ann in Arlington (Oct 27, 2008)

I've heard of using first lines from favorite books. Say LnIdIwTmA:. . . .The first letters of the first line of _Rebecca_ with alternating caps. Might sub a 1 for one of the i's. . . . .then you just have to remember the books you like. . .probably not a difficult thing for folks here.


----------



## JimC1946 (Aug 6, 2009)

I use different passwords for every online account I have. I have them all recorded in an MS Word document that I save as an encrypted file that requires a password to open. So I only have to remember one password. I have the Word document on all three of our computers, and I also keep it on a flash drive.


----------



## Betsy the Quilter (Oct 27, 2008)

I really weigh the risk.  Do I really care whether someone hacks into my KindleBoards account?  Sites I have a paid subscription to are a little more sensitive, I don't want someone diverting my subscription or possibly finding out my credit card number.  So, I use my technique judiciously. But I hate looking things like passwords up, so I developed the system that works for me.  On the other hand, Albert Einstein said never memorize something you can look up!

Of course, I'm on the Internet for large chunks of time logging in and out of websites, so it's more of an issue for me!

Betsy


----------



## sigrosenblum (Dec 22, 2008)

Betsy the Quilter said:


> Really, it's not that complicated. I tried to make it more generic below. You could really just use the letter that the website starts with and the number of letters in the domain at the end only if a number is required. So it would be Kindlek for Kindleboards, Kindlen for the New York times, Kindlew for the Washingtonpost, etc. If a number is required it would be Kindlek12 for Kindleboards, Kindlen7 for nytimes.com, kindlew14 for washingtonpost.com. (Kindle isn't my base word).
> 
> Sometimes I have to try twice if I don't remember that a number is required, or if a capital letter is required.
> 
> ...


No, for my curiously constructed mind, this is way too Byzantine. And yes, as you guessed, "Passwords" is the name of my file!

I can construct involved mystery plots and wend my way happily through obscure historical sources. But I am aimlessly adrift in a digital world!


----------



## Betsy the Quilter (Oct 27, 2008)

Seriously, you might call the file something else...   Sig's Magic Bean Stalk Beans or something

Betsy


----------



## sigrosenblum (Dec 22, 2008)

Betsy the Quilter said:


> Seriously, you might call the file something else...  Sig's Magic Bean Stalk Beans or something
> 
> Betsy


I will change it, although I think I have pretty good security. Many thanks.


----------



## Betsy the Quilter (Oct 27, 2008)

Years ago, and viruses have only gotten more sophisticated, I got an email from a "friend" including an attachment that was a fragment of a file on his computer, and definitely something that was of interest to me (related to a car club we were both in.) Only it wasn't really from the friend, but the virus had pulled something from his computer and sent it, and I got the virus too. I believe in belt and suspender security where it counts.

Betsy


----------



## sigrosenblum (Dec 22, 2008)

Betsy the Quilter said:


> Years ago, and viruses have only gotten more sophisticated, I got an email from a "friend" including an attachment that was a fragment of a file on his computer, and definitely something that was of interest to me (related to a car club we were both in.) Only it wasn't really from the friend, but the virus had pulled something from his computer and sent it, and I got the virus too. I believe in belt and suspender security where it counts.
> 
> Betsy


Good thought. I'm out shopping for suspenders now.


----------



## Betsy the Quilter (Oct 27, 2008)

we want pictures!

Betsy


----------



## sigrosenblum (Dec 22, 2008)

Betsy the Quilter said:


> we want pictures!
> 
> Betsy


If you dare to take them, I'll give you a "belt"!


----------



## Betsy the Quilter (Oct 27, 2008)




----------



## Debra Purdy Kong (Apr 1, 2009)

rjkeller said:


> There are a series of Tweets going around about a website called "Twitviewer." They claim you can see who's been looking at your profile by going to their site. When you click on the link and go to the site, you are asked to type in your Twitter ID and password.
> 
> *DO NOT DO IT.*
> 
> It's a phishing scam. If you have already done it, change your password. Pronto.


Thanks for letting us know!


----------

