Online Backup Firm Carbonite Tells Users To Change Their Passwords Now

Security reporter Graham Cluley writes:Online backup company Carbonite is the latest firm to have issued a warning that hackers are attempting to break into its users accounts, and are prompting all users to change their passwords as a result. An email has been sent to Carbonite users explaining that the attackers are thought to be using passwords gleaned from other recent mega-breaches. "Based on our security reviews, there is no evidence to suggest that Carbonite has been hacked or compromised," the email reads. "To ensure the protection of all our customers and the safety of their data, we are requiring all Carbonite customers to reset their login information."Instructions to assist you with changing your password is here.

More sites should support unauthenticated access

If there's one thing we should learn from these breaches it's that having to create an account to use a site is generally a dumb thing to do.

Yes, it's unavoidable in some cases, but in other cases there's no reason not to allow Anonymous Coward-style interaction, like Slashdot does.

As we can see from sites like Slashdot, Reddit, Hacker News, and Stack Overflow, supporting or forcing the use of accounts actually reduces the quality of the discussion. Everybody becomes concerned about protecting their "karma" or "points" or whatever they fuck the site calls them, and instead of getting real discussion we often get a pacified, pathetic discourse instead.

Accounts are typically one of the worst things that a web site can support.