Damn, my two most used email addresses were pwned.

By
Damn, my two most used email addresses were pwned.
http://www.iflscience.com/technology/if-your-email-address-is-on-this-list-change-your-password-right-now/

Comments

Roberto Bayardo said…
Seems the details of the pwnage are important.... if it's only salted hashed passwords that were leaked, it doesn't really matter. Nor do the leaks matter if you don't reuse passwords.
August 31, 2017 at 1:16 PM
Dan Eastwood said…
Two of mine, but I changed passwords after every one of the incidents.
August 31, 2017 at 1:21 PM
Roberto Bayardo said…
Thought -- this site itself raises a privacy concern: You can type any e-mail address into it and find many sites the owner of that addressed signed up for. I wonder if that list of sites has been filtered for anything "sensitive"?
August 31, 2017 at 1:35 PM
John C. Reid said…
One of mine was involved in 7 different incidents. However, the password was changed more recently than any incident, it is 21 characters long, and never reused.
August 31, 2017 at 1:38 PM
Tony David said…
Roberto Bayardo The breaches are categorized. Sensitive breaches like the Ashley Madison one require email verification. ( haveibeenpwned.com - Have I been pwned? FAQs )
August 31, 2017 at 2:06 PM
Jason ON said…
I used the same 123password456 for everything. Is that wrong?
August 31, 2017 at 2:25 PM
Roberto Bayardo said…
Thanks for the clarification, Tony David.
August 31, 2017 at 2:35 PM
John C. Reid said…
Jason ON​ actually not as bad a you might think. It is 14 characters long. The time it takes a brute force to get to 14 character combinations is more than your lifetime and rainbow tables that go to 14 characters are multiple terabytes in size, so not commonly used. A password that is just 16 consecutive 1s in a row is much, much less likely to get cracked using current methods than one that is truly random but only 12 characters.
August 31, 2017 at 3:20 PM
Jason ON said…
John C. Reid, I was making a joke. That's not my password.
August 31, 2017 at 4:21 PM
John C. Reid said…
Jason ON I got your joke, I was just letting you know that your joke fell flat. To be funny you would have had to pick a password that was actually bad but a person who doesn't know better would think was good. Instead you created one that was ironically good. Next time you try that joke, say your password is p@ssword1.
August 31, 2017 at 6:17 PM
Jason ON said…
John C. Reid, the joke wasn't the content of the password, but [1] using it for everything and [2] sharing online on a public post, no less.
August 31, 2017 at 6:36 PM
Post a Comment

Popular posts from this blog

So, Minnesota would rather people not be able to advance themselves without the officiating organization paying a...

By
So, Minnesota would rather people not be able to advance themselves without the officiating organization paying a fee, first? Do libraries have to pay a fee to lend books? Do documentaries put together by universities have to pay a fee first? If I move into the state and give away old college text books, do I have to pay a fee first? http://www.forbes.com/sites/evapereira/2012/10/19/minnesota-bans-free-online-education/
Read more