bit-tech.net

Go Back   bit-tech.net Forums > bit-tech.net > Article Discussion

Reply
 
Thread Tools
Old 13th Jul 2012, 12:45   #1
brumgrunt
Ultramodder
 
brumgrunt's Avatar
 
Join Date: Dec 2011
Posts: 1,009
brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.
Yahoo, Phandroid passwords leaked

http://www.bit-tech.net/news/bits/20...words-leaked/1
brumgrunt is offline   Reply With Quote
Old 13th Jul 2012, 12:52   #2
longweight
Possibly Longbeard.
 
longweight's Avatar
 
Join Date: May 2011
Location: London
Posts: 10,517
longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.
So this only effects Yahoo users? Yahoo had the users gmail username and password?
longweight is offline   Reply With Quote
Old 13th Jul 2012, 12:59   #3
Wingtale
Minimodder
 
Join Date: May 2010
Location: Doncaster
Posts: 36
Wingtale has yet to learn the way of the Dremel
Quote:
Originally Posted by longweight
So this only effects Yahoo users? Yahoo had the users gmail username and password?
This effects everyone that had an account, even gmail ones
Wingtale is offline   Reply With Quote
Old 13th Jul 2012, 13:02   #4
will_123
Small childs brain in a big body
 
will_123's Avatar
 
Join Date: Feb 2011
Location: Edinburgh
Posts: 1,046
will_123 is the Cheesecake. Relix smiles down upon them.will_123 is the Cheesecake. Relix smiles down upon them.will_123 is the Cheesecake. Relix smiles down upon them.will_123 is the Cheesecake. Relix smiles down upon them.will_123 is the Cheesecake. Relix smiles down upon them.will_123 is the Cheesecake. Relix smiles down upon them.will_123 is the Cheesecake. Relix smiles down upon them.will_123 is the Cheesecake. Relix smiles down upon them.will_123 is the Cheesecake. Relix smiles down upon them.will_123 is the Cheesecake. Relix smiles down upon them.will_123 is the Cheesecake. Relix smiles down upon them.
There is a web app that checks if your email was compromised i checked my gmail, wasn't sure if I had ever used it to login there. Go on enda gadget the link is no there somewhere.
__________________
i5 3570k @ 4.5GhZ | H100i | Twin Frorz 7870 | Pure Pro MX Blue

Web Hosting - http://www.goforthhosting.com
will_123 is online now   Reply With Quote
Old 13th Jul 2012, 13:11   #5
longweight
Possibly Longbeard.
 
longweight's Avatar
 
Join Date: May 2011
Location: London
Posts: 10,517
longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.
Meh, changed my gmail password anyway. It was overdue!
longweight is offline   Reply With Quote
Old 13th Jul 2012, 13:24   #6
Spreadie
http://goo.gl/vNwEky
 
Spreadie's Avatar
 
Join Date: Apr 2009
Location: an island in the south
Posts: 7,589
Spreadie is a Super Spamming SaiyanSpreadie is a Super Spamming SaiyanSpreadie is a Super Spamming SaiyanSpreadie is a Super Spamming SaiyanSpreadie is a Super Spamming SaiyanSpreadie is a Super Spamming SaiyanSpreadie is a Super Spamming SaiyanSpreadie is a Super Spamming SaiyanSpreadie is a Super Spamming SaiyanSpreadie is a Super Spamming SaiyanSpreadie is a Super Spamming Saiyan
This is getting tedious
__________________
It is not "should of", "could of" or "would of". Educate yourself

2500K|Z77E-ITX|8GB|680|3007WFP-HC|DS Cube
Spreadie is online now   Reply With Quote
Old 13th Jul 2012, 16:43   #7
DragunovHUN
Go ahead, spell my name wrong.
 
DragunovHUN's Avatar
 
Join Date: Oct 2008
Location: Hungary
Posts: 4,925
DragunovHUN is a Super Spamming SaiyanDragunovHUN is a Super Spamming SaiyanDragunovHUN is a Super Spamming SaiyanDragunovHUN is a Super Spamming SaiyanDragunovHUN is a Super Spamming SaiyanDragunovHUN is a Super Spamming SaiyanDragunovHUN is a Super Spamming SaiyanDragunovHUN is a Super Spamming SaiyanDragunovHUN is a Super Spamming SaiyanDragunovHUN is a Super Spamming SaiyanDragunovHUN is a Super Spamming Saiyan
Feck off Yahoo.
__________________
Gigabyte EX58-UD5 | Intel i7 920 @4ghz | 6x2gb 1600Mhz Corsair Dominator | 560Ti Hawk | Corsair RM750 | Lian Li PC-A77FB | 2x BenQ GL2460 | Logitech Illuminated | Logitech G500s

gog.com - Classic videogames, Windows 7 compatible, no DRM, bundled extras, outstanding service. Check it out, get hooked, spread the word!
DragunovHUN is offline   Reply With Quote
Old 13th Jul 2012, 21:22   #8
Cerberus90
petrolhead
 
Cerberus90's Avatar
 
Join Date: Apr 2009
Location: Leicestershire
Posts: 6,526
Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.
Quote:
Originally Posted by Spreadie
This is getting tedious
I'm getting fed up of having to think up new passwords too. Its hard enough when you've got hundreds of sites which all need a password.
__________________
Steam: Cerberus90
| Q6600 @ 3GHz | 256GB Samsung 830 |
| Gigabyte GTX660 Windforce| Fractal Core 3000 |

Cerberus90 is online now   Reply With Quote
Old 13th Jul 2012, 21:28   #9
longweight
Possibly Longbeard.
 
longweight's Avatar
 
Join Date: May 2011
Location: London
Posts: 10,517
longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.
It's not hard to have 5 keywords each with a different levels of security.

Security breaches will happen, this is a punishment for anyone that uses a Yahoo service.
longweight is offline   Reply With Quote
Old 13th Jul 2012, 21:43   #10
Cerberus90
petrolhead
 
Cerberus90's Avatar
 
Join Date: Apr 2009
Location: Leicestershire
Posts: 6,526
Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.Cerberus90 is definitely a rep cheat.
It says Gmail and hotmail accounts were compromised too, because of Yahoo.

So even if you don't use Yahoo, your somehow compromised.

Why the hell have Yahoo got Gmail and hotmail accounts and passwords anyway?



Might start using PasswordMaker, but have a higher level pass that I use for important sites like banking which I can remember without having to use PasswordMaker.
__________________
Steam: Cerberus90
| Q6600 @ 3GHz | 256GB Samsung 830 |
| Gigabyte GTX660 Windforce| Fractal Core 3000 |

Cerberus90 is online now   Reply With Quote
Old 13th Jul 2012, 21:44   #11
GMC
Deaf-mute
 
GMC's Avatar
 
Join Date: Jun 2010
Location: where angels fear to tread
Posts: 827
GMC is the Cheesecake. Relix smiles down upon them.GMC is the Cheesecake. Relix smiles down upon them.GMC is the Cheesecake. Relix smiles down upon them.GMC is the Cheesecake. Relix smiles down upon them.GMC is the Cheesecake. Relix smiles down upon them.GMC is the Cheesecake. Relix smiles down upon them.GMC is the Cheesecake. Relix smiles down upon them.GMC is the Cheesecake. Relix smiles down upon them.GMC is the Cheesecake. Relix smiles down upon them.GMC is the Cheesecake. Relix smiles down upon them.GMC is the Cheesecake. Relix smiles down upon them.
Isn't Flickr a yahoo service? Can't think of anything else in their stable worth using.

Google details changed anyway
Pain in the bum...

Sent from my HTC Desire HD using Xparent Red Tapatalk 2
__________________
RIG: CM HAF922 | Gigabyte GA-890GPA-UD3H | Phenom II X4 965 BE | Asus HD6850 | 12GB OCZ/Crucial PC12800 | 2 x 128GB CRUCIAL M4 | 1TB Spinpoint F3 | 2TB WD20EARX | XFX 650W PSU | 23" AOC e2343F | Creative T20 | Steelseries 7H | Logitech G9x
HTPC: Silverstone LC16S-MR | Blu-Ray | Asus P7P55D-E PRO | i5-760 | Sapphire HD6450 | 8GB Corsair Dominator | Kingston 60GB SSDNow V300 | 2TB WD20EZRX | 4TB WD40EZRX | OCZ ZS 550W PSU
KEYBOARDS: HHKB PRO 2 | KBT PURE | WASD V1 ISO | Cherry G80-1800 WKL
GMC is offline   Reply With Quote
Old 13th Jul 2012, 21:45   #12
longweight
Possibly Longbeard.
 
longweight's Avatar
 
Join Date: May 2011
Location: London
Posts: 10,517
longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.
Quote:
Originally Posted by GMC View Post
Isn't Flickr a yahoo service? Can't think of anything else in their stable worth using.

Google details changed anyway
Pain in the bum...

Sent from my HTC Desire HD using Xparent Red Tapatalk 2
It is, that is why it has it's own special password
longweight is offline   Reply With Quote
Old 14th Jul 2012, 11:28   #13
DXR_13KE
Madeira's banana is the best!!!
 
DXR_13KE's Avatar
 
Join Date: Sep 2005
Location: Madeira ; Portugal
Posts: 8,875
DXR_13KE is definitely a rep cheat.DXR_13KE is definitely a rep cheat.DXR_13KE is definitely a rep cheat.DXR_13KE is definitely a rep cheat.DXR_13KE is definitely a rep cheat.DXR_13KE is definitely a rep cheat.DXR_13KE is definitely a rep cheat.DXR_13KE is definitely a rep cheat.DXR_13KE is definitely a rep cheat.DXR_13KE is definitely a rep cheat.DXR_13KE is definitely a rep cheat.
Why is yahoo still alive?
__________________
Renegade X - Release Date Unveiled
Check it out!!
DXR_13KE is offline   Reply With Quote
Old 14th Jul 2012, 11:31   #14
longweight
Possibly Longbeard.
 
longweight's Avatar
 
Join Date: May 2011
Location: London
Posts: 10,517
longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.longweight is definitely a rep cheat.
Quote:
Originally Posted by DXR_13KE View Post
Why is yahoo still alive?
It's kept alive for people who still use IE6 and get their internet connection from AOL.
longweight is offline   Reply With Quote
Old 15th Jul 2012, 14:41   #15
PlayLoud
Minimodder
 
Join Date: Apr 2011
Posts: 26
PlayLoud has yet to learn the way of the Dremel
I use Yahoo for my spam email account. My real email account is on Gmail. Time to change the passwords for both. I use Lastpass, so I won't have to remember the new passwords anyway (which is good, since my passwords are all random characters).
PlayLoud is offline   Reply With Quote
Old 15th Jul 2012, 20:42   #16
NethLyn
Hypermodder
 
NethLyn's Avatar
 
Join Date: Apr 2009
Location: London
Posts: 940
NethLyn should be considered for presidentNethLyn should be considered for presidentNethLyn should be considered for presidentNethLyn should be considered for presidentNethLyn should be considered for presidentNethLyn should be considered for presidentNethLyn should be considered for presidentNethLyn should be considered for presidentNethLyn should be considered for presidentNethLyn should be considered for presidentNethLyn should be considered for president
Because of the July 9th DNS attack I'd already changed them all last week, including the BT one, which I promptly forgot again and had to re-reset it to post in this thread these days I wonder whether the number code you're given for Bit Tech forums is more secure than anything I'd make up myself.

Changed the ones I use all the time but there's one minor account where I only logged in last week to change its password after that attack [EDIT] - I was going to wait and see if it was genuinely compromised but stuff it, changed that one too. Might as well do it the once and they're all done until the next time.

The Gmail suggestion is brilliant but again I'd need to use it all the time before I'd want to have a mobile phone around and switched on just to get into email. Changing the password will do for the moment.
__________________
Intel=Fast, AMD=Cheap.

Last edited by NethLyn; 15th Jul 2012 at 20:47.
NethLyn is offline   Reply With Quote
Old 15th Jul 2012, 23:50   #17
theshadow2001
I *am* a Dremel
 
theshadow2001's Avatar
 
Join Date: May 2012
Posts: 1,973
theshadow2001 is definitely a rep cheat.theshadow2001 is definitely a rep cheat.theshadow2001 is definitely a rep cheat.theshadow2001 is definitely a rep cheat.theshadow2001 is definitely a rep cheat.theshadow2001 is definitely a rep cheat.theshadow2001 is definitely a rep cheat.theshadow2001 is definitely a rep cheat.theshadow2001 is definitely a rep cheat.theshadow2001 is definitely a rep cheat.theshadow2001 is definitely a rep cheat.
It makes me wonder if you really need passwords that are difficult to brute force since passwords tend to be compromised via database attacks and hacks like this.
theshadow2001 is offline   Reply With Quote
Old 16th Jul 2012, 07:43   #18
Gareth Halfacree
WIIGII!
bit-tech Staff
 
Gareth Halfacree's Avatar
 
Join Date: Dec 2007
Location: Bradford, UK
Posts: 4,096
Gareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming SaiyanGareth Halfacree is a Super Spamming Saiyan
Quote:
Originally Posted by NethLyn View Post
The Gmail suggestion is brilliant but again I'd need to use it all the time before I'd want to have a mobile phone around and switched on just to get into email. Changing the password will do for the moment.
The Google two-factor authentication is cleverer than that: the first time you log in to Gmail (or any other Google service) from a particular machine, it will ask you for the two-factor code from the Authenticator app. When you enter this, there's a checkbox: tick the box and it won't ask you for the two-factor code for another 30 days. For systems that don't support two-factor authentication - including, oddly, Android - you can generate one-time passwords which you can individually revoke at any time.
Quote:
Originally Posted by theshadow2001 View Post
It makes me wonder if you really need passwords that are difficult to brute force since passwords tend to be compromised via database attacks and hacks like this.
You should always use secure passwords - it's notable that, in all the recent breaches, only Yahoo was storing passwords as plain text. If proper information security is practised, and passwords stored as irreversible hashes, then the attacker needs to brute-force the hashes - either manually or through a rainbow table. The more secure (mixture of case, letters, symbols, length) your password, the less likely it is the attacker will ever figure out the hash.
__________________
Author, Raspberry Pi User Guide Third Edition, 21 Brilliant Projects for the Raspberry Pi and more | gareth.halfacree.co.uk | twitter
bit-tech news correspondent, Custom PC columnist, other things to other people
I'm a filthy freelancer! Hire me!
Gareth Halfacree is online now   Reply With Quote
Old 16th Jul 2012, 07:55   #19
Bindibadgi
I Mod, Therefore I Own
 
Join Date: Mar 2001
Posts: 34,814
Bindibadgi is definitely a rep cheat.Bindibadgi is definitely a rep cheat.Bindibadgi is definitely a rep cheat.Bindibadgi is definitely a rep cheat.Bindibadgi is definitely a rep cheat.Bindibadgi is definitely a rep cheat.Bindibadgi is definitely a rep cheat.Bindibadgi is definitely a rep cheat.Bindibadgi is definitely a rep cheat.Bindibadgi is definitely a rep cheat.Bindibadgi is definitely a rep cheat.
Quote:
Originally Posted by Spreadie View Post
This is getting tedious
Agreed.

It really feels like it doesn't matter WHAT you change it to because right now they're more likely to attack the main server where your data is held rather than each account. It seems like it makes little difference if you change it to qwerty or 09faj49ajf9_+"|~!2 (I don't suggest it, but if I change my password again and it gets taken out again... what's the point)?

Quote:
Originally Posted by theshadow2001 View Post
It makes me wonder if you really need passwords that are difficult to brute force since passwords tend to be compromised via database attacks and hacks like this.
This. (Sorry just read it after I replied).
Bindibadgi is offline   Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 11:25.
Powered by: vBulletin Version 3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.