Forced Password Resets

[SarcasticGamer2345]

You guys are simply amazing. Thank you! Although this account is barely 4 months old, it is still nice to know that my information is safe.

[jaderiver]

Yes Thank nexus team, will do a pw reset shortly =D

[Reetonzzz]

Wish I new wich password I was using when the breach happened incase I still have it on other sites that I use.

[lued123]

In response to post #41058105.

  Reveal hidden contents

  Quote

osmiumbin wrote: Hello Dark0ne, can you please let us know what hashing algorithm you are using to store the passwords? It matters for brute force attacks especially.

More about that here:

Cheers!

Yeah because telling the hackers "THIS IS HOW WE ENCRYPT OUR PASSWORDS!" will totally help things. In all seriousness though, while it would be nice to know, it would also be very, very bad for security reasons.

[Jaelli]

I'd changed my pw when this first became known. And then I changed it again.... and I'm changing it again tonight.

 

Thanks for the info Dark0ne. Blessings upon your head, and your firstborn.

[trudgy]

In response to post #41055575. #41057105, #41057950 are all replies on the same post.

  Reveal hidden contents

  Quote

hatsjer wrote: Well... Time to reset my password nearly everywhere I suppose.

  Quote

RoyBatterian wrote: You should never use the same password on more than one site.

  Quote

hatsjer wrote: I'm just a lazy man. I guess I pay for the consequences now.

for lazy people like me, you just need a password manager.

[graymaybe]

In response to post #41058105. #41063005 is also a reply to the same post.

  Reveal hidden contents

  Quote

osmiumbin wrote: Hello Dark0ne, can you please let us know what hashing algorithm you are using to store the passwords? It matters for brute force attacks especially.

More about that here:

Cheers!

  Quote

lued123 wrote: Yeah because telling the hackers "THIS IS HOW WE ENCRYPT OUR PASSWORDS!" will totally help things. In all seriousness though, while it would be nice to know, it would also be very, very bad for security reasons.

Or, instead, everyone can go on ahead and watch the video about choosing passwords that's linked in the description of the video you've linked us to (

), and just stop using terrible passwords.

[turulo]

In response to post #41058105. #41063005, #41063875 are all replies on the same post.

  Reveal hidden contents

  Quote

osmiumbin wrote: Hello Dark0ne, can you please let us know what hashing algorithm you are using to store the passwords? It matters for brute force attacks especially.

More about that here:

Cheers!

  Quote

lued123 wrote: Yeah because telling the hackers "THIS IS HOW WE ENCRYPT OUR PASSWORDS!" will totally help things. In all seriousness though, while it would be nice to know, it would also be very, very bad for security reasons.

  Quote

graymaybe wrote: Or, instead, everyone can go on ahead and watch the video about choosing passwords that's linked in the description of the video you've linked us to (

), and just stop using terrible passwords.

Algorithms for encrypting passwords are well known and their strength comes from the algorithm itself and the quality of the password and not from keeping them a secret.

[turulo]

In response to post #41055575. #41057105, #41057950, #41063575 are all replies on the same post.

  Reveal hidden contents

  Quote

hatsjer wrote: Well... Time to reset my password nearly everywhere I suppose.

  Quote

RoyBatterian wrote: You should never use the same password on more than one site.

  Quote

hatsjer wrote: I'm just a lazy man. I guess I pay for the consequences now.

  Quote

trudgy wrote: for lazy people like me, you just need a password manager.

I use Keepass (opensource in sourceforge) to manage all my passwords, every site has a random password with numbers, digits and symbols. That is the most secure and simple way I know to keep passwords.

[kapricornio]

I reset my password for my favorite site. Thanks for the warnings.