jmdocherty

I've used webpagetest.org and gtmetrix.com in the past. It's been a while so I thought I'd ask HN in case there are more modern ways of checking for opportunities for performance improvement/adherence to "best practices".

I know they're imperfect but I also use these tools for getting a feel for the care that has gone into crafting a site.

Anyone have any resources for doing a quick "yep it looks OK" website checks?

I have (had!) a 2 letter Instagram account which although dull (read: family pics), was pretty popular with people trying to get hold of it. I received "password reset request" emails most days and people routinely offered to buy the account. I often pressed the "report to Instagram" link in the emails but that didn't seem to make any difference to the flow.

I tried to be careful so used Lastpass to generate and store my passwords. I just checked on grc.com/haystack and the password used had a search space size of 4.45 x 10^31 (or a "Massive cracking array" would take "1.41 hundred million centuries"). The account email was in the format [unique string]@mydomain.com.

I use Gmail for my email and it doesn't look like my account has been accessed by anything suspicious. I live/work in the middle of nowhere (literally fields all around) so stealing tokens over my wifi seems unlikely. I use iOS devices and have only ever accessed Instagram on Chrome a couple of times.

I've reported it to Instagram but my question to HN is how could this have happened? What else should I look for to check other areas of my digital life haven't been compromised?