Discussion in 'Article Discussion' started by brumgrunt, 13 Jul 2012.
So this only effects Yahoo users? Yahoo had the users gmail username and password?
This effects everyone that had an account, even gmail ones
There is a web app that checks if your email was compromised i checked my gmail, wasn't sure if I had ever used it to login there. Go on enda gadget the link is no there somewhere.
Meh, changed my gmail password anyway. It was overdue!
This is getting tedious
Feck off Yahoo.
I'm getting fed up of having to think up new passwords too. Its hard enough when you've got hundreds of sites which all need a password.
It's not hard to have 5 keywords each with a different levels of security.
Security breaches will happen, this is a punishment for anyone that uses a Yahoo service.
It says Gmail and hotmail accounts were compromised too, because of Yahoo.
So even if you don't use Yahoo, your somehow compromised.
Why the hell have Yahoo got Gmail and hotmail accounts and passwords anyway?
Might start using PasswordMaker, but have a higher level pass that I use for important sites like banking which I can remember without having to use PasswordMaker.
Isn't Flickr a yahoo service? Can't think of anything else in their stable worth using.
Google details changed anyway
Pain in the bum...
Sent from my HTC Desire HD using Xparent Red Tapatalk 2
It is, that is why it has it's own special password
Why is yahoo still alive?
It's kept alive for people who still use IE6 and get their internet connection from AOL.
I use Yahoo for my spam email account. My real email account is on Gmail. Time to change the passwords for both. I use Lastpass, so I won't have to remember the new passwords anyway (which is good, since my passwords are all random characters).
Because of the July 9th DNS attack I'd already changed them all last week, including the BT one, which I promptly forgot again and had to re-reset it to post in this thread these days I wonder whether the number code you're given for Bit Tech forums is more secure than anything I'd make up myself.
Changed the ones I use all the time but there's one minor account where I only logged in last week to change its password after that attack [EDIT] - I was going to wait and see if it was genuinely compromised but stuff it, changed that one too. Might as well do it the once and they're all done until the next time.
The Gmail suggestion is brilliant but again I'd need to use it all the time before I'd want to have a mobile phone around and switched on just to get into email. Changing the password will do for the moment.
It makes me wonder if you really need passwords that are difficult to brute force since passwords tend to be compromised via database attacks and hacks like this.
The Google two-factor authentication is cleverer than that: the first time you log in to Gmail (or any other Google service) from a particular machine, it will ask you for the two-factor code from the Authenticator app. When you enter this, there's a checkbox: tick the box and it won't ask you for the two-factor code for another 30 days. For systems that don't support two-factor authentication - including, oddly, Android - you can generate one-time passwords which you can individually revoke at any time.
You should always use secure passwords - it's notable that, in all the recent breaches, only Yahoo was storing passwords as plain text. If proper information security is practised, and passwords stored as irreversible hashes, then the attacker needs to brute-force the hashes - either manually or through a rainbow table. The more secure (mixture of case, letters, symbols, length) your password, the less likely it is the attacker will ever figure out the hash.
It really feels like it doesn't matter WHAT you change it to because right now they're more likely to attack the main server where your data is held rather than each account. It seems like it makes little difference if you change it to qwerty or 09faj49ajf9_+"|~!2 (I don't suggest it, but if I change my password again and it gets taken out again... what's the point)?
This. (Sorry just read it after I replied).
Separate names with a comma.