Don't post your passwords in Washington Post comments section
The Washington Post
"I couldn't give a flying fig about the Heartbleed thingamajig," a commenter posted on a Brian Fung story in The Washington Post. He posted his passwords and welcomed others to:
read all the eMail I have. Sneak into my WaPo, NYT or CNN accounts and go crazy making comments in my name. Break-into my Facebook or Twitter profiles and change my hometown to Gas City Indiana, swap-out my avatar with a picture of your nads, make friends with people I don't know.
Guess what happened next.
"It's possible that this is a hoax," Fung allows. (Fung couldn't get in touch with the person, and he tells Poynter in an email that the Post removed his comment.) "But the lesson is no less valid: Share your credentials online, and you won't have to worry about getting hacked — you'll have done all the hard work for the criminals."