Crazy terrible security practice I've noticed recently: people logging into accounts on hardware they don't own.
I rented a car and realized a previous renter had linked their Google account to it and I could see previous Maps trips and saved addresses.
I rented a house and realized a previous renter had logged into their streaming accounts on the TV and if I had wanted, could really screw with them.
Yeah me too... people tend to forget themselves
In hotels too
I've been to some nicer hotels that have a system that auto logs out the TV from streaming accounts when you check out, but seems rare.
I also never log in to online services using Google, Facebook, or Apple. I always create a distinct account. Having said that, I can understand why so many people choose to do that given most people haven't heard of password managers.
NPCs live in a procedurally generated world -- from their point of view. They naturally expect it to disappear or reset after they leave. And for millions of years that's how the world actually worked.
Uh yes this is such a terrible practice. Normies are ignorant and many don't really care though.
😳
People forget that borrowed hardware isn’t borrowed trust 😅
People will log into their Facebook at Best Buy or a phone store. 🤦♂️🤦♂️🤦♂️
Wait until we have NWC/Fountain/Zapstream ubiquitous on Roku, so much money is gonna get lost.
Partly agree, but what can you do with my Netflix account on tv? Delete my profile?) It’s true though, any airbnb I get, I don’t have to log in into my Netflix anymore. There is a 100% chance previous guests didn’t log out 🤣
Back in the day, what you played on spotify used to appear to all your friends on your facebook profile as "X is listening to Y".
With that in mind, when people forgot to log out of spotify after a party, we used to put on albums called something like "orgasm sounds" or "penis enlargement meditation".
I'm sure there are lots of things people wouldn't want in their maps/netflix/etc history if you want to troll a bit.
I don't get why companies that rent out PCs don't always reset these machines. I used miles and also saw lists of previous users but I'm glad those didn't set the system to Japanese.
One time I rented a hotel room and found the previous tenants were still logged into their very obviously woke-focused YouTube account. Wouldn't want to maliciously cost anyone money, but I did take a bit of time to search up most of the biggest MAGA buzzwords to help them later. Hehe.
Joking aside, this is a mindset/discipline issue. If someone screws with your files on the workstation you left logged into, who's fault is that? OR they stole your car keys because you didn't lock the locker?
These are the same people we are trying to teach Bitcoin self custody best practices to. Most of the people I encounter can’t even maintain security on their primary email account password if I want it bad enough.
And some call me paranoid because each time I restart my browser, everything is logged out, all cookies cleared.
We are not the same person.
What’s the best benevolent move one can do to protect such (dumb) user? Should we simply logout their account when it happens? Anything better to do?
