Hey guys, just wanted to inform as many people as possible about a new data breach involving 773 million e-mail addresses.

Troy Hunt, who works for MS as a security guy and runs his own blog/site (http://haveibeenpwned.com) about those security issues, pushed the news today. There is a way to check if your e-mail has been part of any of this. Be sure to inform yourself about potential risks by doing that, though!

Edit: EU residents can use Identity Leak Checker from the Hasso Plattner Institut. Don't know if this works for places outside the EU (thanks Neofoxy for EU-wide confirmation).

Edit2: There might be even more leaked data; Collection #1 might just be the start of a package that contains about 1 TB of data.

5 years ago*


Thanks. Time to purge old passwords again I reckon.

5 years ago

It's also worth mentioning that a lot of those have been collected from various breaches in the past, but it's still worth checking on haveibeenpwned and/or changing one's passwords.

5 years ago

Security is an illusion :'(

5 years ago

Would be good if haveibeenpwned had a function for sending the compromised password to the corresponding email. I am on the list, but I have been pwned before so I have no idea if it's a new or old password, and it's hard for me to remember so many passwords so I'm not gonna just change again. Also, as I understand it, it means either the email is compromised or one of the accounts attached to that email, so I have no idea where to change the password either.

5 years ago

I think for the 2 recent unverified ones it will say so for everyone. It's also very conveniently advertising 1Password; I think in certain cases it's more or less a false alarm just for people to get 1Password (dunno if it's paid or not).

5 years ago

Using any such password manager to generate unique long passwords for each site only makes sense. Even if he gets some small ad revenue from that, he's doing it more because that's his job at MS rather than for a couple of bucks. If you see millions of "password123" all the time, wouldn't you suggest something to help with that to people?

5 years ago

You could check if your new password has been breached here.

5 years ago

Thank you! Turns out only my oldest one is compromised (and also the temporary one that I use for one-time sites, but it might just be used by other users since it's very simple).

5 years ago

Yeah, I generally go by the dates they give for the breach, but this is also a good resource.

Turns out one of my emails was breached by some stupid data aggregation firm so that's cool, love it when there isn't jack I can do about it!

5 years ago

haveibeenpwned.com is a great site that I used in the past, yet it's been quite some time since I checked on it. So as of today, I seem to have been pwned eight times. Oh well...

5 years ago

9.

5 years ago

That's a lot...

5 years ago

I just checked and I've been pwned 8 times as well. Oh well, it's probably fine...

5 years ago


Thanks for the heads up!

5 years ago



Thanks for the heads up wieme! Passwords changed.

5 years ago

Should be noted it's starting to look like the leak he's talking about is just the tip of the iceberg - as the name Collection #1 implies there's a 2, and a 3, and... The files circulating now are closer to a terabyte of pure text, with Collection #1 being the smallest of the leaks. This image shows the full set of folders being spread.

I'm looking forward to seeing what else is in there.

5 years ago

Yea I've seen that too. I guess I'll use 1 pw per service as of now. :X

5 years ago

Well I'd certainly hope so - if anyone is having trouble doing this just get a password manager and use it to generate random passwords. Any password you can easily remember is probably too weak to actually use, so don't make it so you have to.

Reusing passwords on multiple sites is like leaving the keys to your door and car and bank vault in random places around town, hoping nobody picks them up and figures out what they unlock. Not really worth the gamble!

5 years ago

Identity Leak Checker works in the European Union.
Thanks for warning us.

5 years ago

For those who manage their own email domain, you can subscribe to updates from haveibeenpwned to alert you whenever any of your accounts (or your users' accounts) have made an appearance in their database.

None of the addresses on any of my domains are in the new list. So that's good.

5 years ago

Were any really popular services hit?
Like gmail, steam, gog, groupees, humble, etc.?

5 years ago

Currently it's unverified, but if you were hit 2 years ago, this is likely to be the same database.

5 years ago

Yes, I noticed. My email is on the list. And on any other list like this that has been spread in the last 3 years. Trillian and Nexus were the first sites that got hacked (in my case). Fortunately, according to the site, the password is not included. All they know is that there's this particular email. Once in a while there's an access attempt. Or ten.
Oh well, can't be helped.

5 years ago

Thank you for the information.
Before this large list was added, the service displayed in the leakage information confirmation was only the one of "A German company that distributes Steam keys.".

Perhaps, this big list is an assortment of such information.
And, if you are on a ride, I feel that it is better to use a different password for every site you use, regardless of whether you are not on.

5 years ago

Time for a mug of coffee and cleaning up my KeePassX database.

5 years ago

Six times but current password is fine. Unless they're standing next to my phone, they aren't getting into my email anyway. Heh.

5 years ago

A couple of my email addresses are included here, but I believe they are from old security breaches. Oh, and surprisingly, a site that I KNOW got hacked and data dumped is not included on "Have I Been Pwned"; it only includes 3 really old ones that I already knew about.

It's okay though, because where I've used the same pw and the same old email, they're crappy sites that I don't care about. Possibly forum accounts where I logged in to find a specific piece of information and so on.

I've learned to use better passwords for important things for the past decade. Heh!

5 years ago*

Closed 2 years ago by wieme.