MarwenV Posted December 30, 2019 Share Posted December 30, 2019 Error in the article: > but that any encrypted passwords that have Usually, you don't encrypt passwords, you hash them. Like: > to other user data including email addresses, **password hashes** and password salts Thanks for letting us know though! Link to comment Share on other sites More sharing options...
EstrangedModder Posted December 30, 2019 Share Posted December 30, 2019 Does this explain my router saying There was a heartbleed attack months ago when the only site I visited was the morrowind nexus Link to comment Share on other sites More sharing options...
PCGirl Posted December 30, 2019 Share Posted December 30, 2019 Well this certainly might explain the Trojan I had infect my system. Thankfully, I caught it as I constantly run virus scans over and above the general quick scan that it does. I did change my login and password, so hopefully no more lurkers.. Link to comment Share on other sites More sharing options...
Guest deleted34304850 Posted December 30, 2019 Share Posted December 30, 2019 Well this certainly might explain the Trojan I had infect my system. Thankfully, I caught it as I constantly run virus scans over and above the general quick scan that it does. I did change my login and password, so hopefully no more lurkers..no, there is no correlation to this issue and you having a trojan on your computer whatsoever. Link to comment Share on other sites More sharing options...
hard8 Posted December 30, 2019 Share Posted December 30, 2019 I thought it was Dell's Optimize Your PC scanning program that had missed up my sign in with this site yesterday, I switched internet providers a few weeks ago, and it be normal for the site to be nervous about my new ip address and provider service!.. Link to comment Share on other sites More sharing options...
DaisukeNiwaKun Posted December 31, 2019 Share Posted December 31, 2019 "and thus cannot ascertain how many - if any - email addresses, password hashes and salts were accessed. " - So you inform users about this almost 2 months later? From what I've read you should inform users immediately! here's the source: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/personal-data-breaches/ How users can defend themselves if you alert this so late? Some of us buy premium membership what about payment information, credit card numbers? I know that many people here they do not realize the seriousness of the situation. Link to comment Share on other sites More sharing options...
Lynxk88 Posted December 31, 2019 Share Posted December 31, 2019 (edited) 12 character password.Geeze, I wish I knew how to hack. I can't remember this garbage, that's ridiculous. As such this may very well be my last successful login, time will tell.But I've gotta ask, just why have so much security your users are expected to remember impossible gibberish?It's not like everyone buys stuff daily...and even if they did... Well, ask Amazon. Edited December 31, 2019 by Lynxk88 Link to comment Share on other sites More sharing options...
Guest deleted34304850 Posted December 31, 2019 Share Posted December 31, 2019 "and thus cannot ascertain how many - if any - email addresses, password hashes and salts were accessed. " - So you inform users about this almost 2 months later? From what I've read you should inform users immediately!here's the source: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/personal-data-breaches/ How users can defend themselves if you alert this so late? Some of us buy premium membership what about payment information, credit card numbers?I know that many people here they do not realize the seriousness of the situation.in a post a week or so ago, I asked at what stage of the process that was followed, was the step to tell users executed. The reason I asked that question was because my understanding, based on that link, and other information around data breaches, suggest that the users told as a matter of urgency. Link to comment Share on other sites More sharing options...
Guest deleted34304850 Posted December 31, 2019 Share Posted December 31, 2019 12 character password.Geeze, I wish I knew how to hack. I can't remember this garbage, that's ridiculous. As such this may very well be my last successful login, time will tell.But I've gotta ask, just why have so much security your users are expected to remember impossible gibberish?It's not like everyone buys stuff daily...and even if they did... Well, ask Amazon.Hi,You should look at using a password manager to help you with your passwords. There are several out there. This link will take you to PC Magazine's latest review of password managers, its worth reading. https://www.pcmag.com/roundup/300318/the-best-password-managers Link to comment Share on other sites More sharing options...
Brendan62 Posted January 1, 2020 Share Posted January 1, 2020 (edited) Have to say not very impressed with this over the top password 12 characters numbers whatever, have been a productive member here since before this site was created (so more than 14 years) and have never had to reset my password once was perfectly happy with my original one and no i dont want to get a password manager to manage my passwords have enough useless programs installed on my pc. This site has had some very intrusive changes recently. This being just one of them. The new extra download page is another. Perhaps getting a little to oriented to collecting premium members. Edited January 1, 2020 by Brendan62 Link to comment Share on other sites More sharing options...
Recommended Posts