Pastebin dump and your e-mail passwords
- PorkPiePorn
- I Have Not Been Outside in a Week
- Reactions: 1
- Posts: 932
- Joined: Thu Jul 07, 2016 9:37 pm
How many people change their passwords by adding something to the end, like the year or something? My thinking is that for brute force attacks, every published password becomes like a single character that can be added to in this way too.
I like that meme Alex. Good illustration.
So Scoby, how safe is this site against attack?
The problem with the world is stupidity. I'm not saying there should be a capital punishment for stupidity, but why don't we just take the safety labels off of everything and let the problem solve itself?
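The habit raised in the first post, reusing an old or published password with a year or similar tacked on the end, can be caught when a user sets a new password. The following is an added example, not part of the thread; the breached list is a constructed sample and the function names are hypothetical.

```python
# Constructed sample of "published" passwords. A real deployment would check
# against a full breached-password corpus instead of an inline set.
BREACHED = {"sunshine", "letmein", "dragon", "porkpie"}


def breached_base(candidate, breached=BREACHED, max_suffix=6):
    """Return the published password that `candidate` is built on, or None.

    A candidate counts as "built on" a published password when it equals it,
    or equals it plus up to `max_suffix` trailing non-letter characters
    (digits, years, punctuation), compared case-insensitively.
    """
    word = candidate.strip().lower()
    if word in breached:
        return word
    for n in range(1, min(max_suffix, len(word) - 1) + 1):
        head, tail = word[:-n], word[-n:]
        if head in breached and not any(c.isalpha() for c in tail):
            return head
    return None


def stem(password):
    """Lower-case the password and strip trailing non-letter decoration."""
    word = password.strip().lower()
    while word and not word[-1].isalpha():
        word = word[:-1]
    return word


def check_new_password(old, new):
    """Return the reasons to reject `new`; an empty list means accept."""
    reasons = []
    base = breached_base(new)
    if base is not None:
        reasons.append(f"built on published password '{base}'")
    if stem(old) and stem(old) == stem(new):
        reasons.append("same stem as the previous password")
    return reasons


if __name__ == "__main__":
    for old, new in [("Winter2016", "Sunshine2017"),
                     ("Tr0ub4dor2016", "Tr0ub4dor2017"),
                     ("Winter2016", "kettle-orbit-famous-lamp")]:
        print(new, "->", check_new_password(old, new) or "accepted")
```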
- Hanno
- I am a Special Snowflake !!?!
- Reactions: 206
- Posts: 8098
- Joined: Sun Sep 16, 2012 4:07 pm
- Location: Siem Reap
My master password is a title of a song plus artist plus year it came out plus a mix of capital and small letters. Easy to remember, would be quite hard to hack.
"I realized that If I had to choose, I would rather have birds than airplanes."
Charles Lindbergh
LastPass, including master password and everything, was hacked at least 3 times in 2015 and 2016. There was no master password that protected LastPass users against these vulnerabilities. The nature of these vulnerabilities renders your master password entirely useless. Your passwords are stolen from your password manager, master passworded or not.
Hanno wrote: My master password is a title of a song plus artist plus year it came out plus a mix of capital and small letters. Easy to remember, would be quite hard to hack.
They will be discovered again, and again, and again.
Bless
Alexandra wrote: LastPass users had their email addresses and encrypted master passwords stolen in a 2015 intrusion. http://www.forbes.com/sites/katevinton/ ... 4650845a66
LastPass users were at risk until a vulnerability allowing account and password theft was patched in 2016. http://www.theregister.co.uk/2016/07/27 ... it_a_site/ And another vulnerability a month later. https://labs.detectify.com/2016/07/27/h ... passwords/
People began using CUDA powered nVidia graphics cards for cracking passwords and performing cryptanalysis nearly a decade ago because of their incredible computation power. People have been trying password combinations at the speed of hundreds of millions per second since 2008 per graphics card. People have published scalable crack stations and reproducible benchmarks with 25 of those cards.
Hanno wrote: would be quite hard to hack
Cryptographic hash functions were never designed to "be quite hard to hack". That's not the use case. They are, like other crypto algorithms, relied on with the assumption that an attacker won't be able to break them every 5 or 10 years. Crypto standard algorithms normally live an average of 3-5 years. That's why NIST keeps rotating AES algorithms and updating requirements every year. MD5 and SHA256 have all been deprecated, not because they are bad algorithms but because it's the natural course of development.
Bless
Thanks for shaking my normally placid assumptions about the subject, ya nerd.
I'll just revert to paper and snail mail for financial transactions. I don't care about the rest of my inter-webby presence, got nothing to hide.
If you don't know where you're going, any road takes you there.
Financial institutions are some of the worst protected on the planet. Card PINs are protected by a whopping 10^4 entropy where the vast majority of humans probably share 1% of that entropy on silly combinations (0011, 1234, 1122, 198X, 199X, 201X etc).
David L wrote: I'll just revert to paper and snail mail for financial transactions. I don't care about the rest of my inter-webby presence, got nothing to hide.
Hanno made the joke that I should keep my PIN in my wallet and he probably forgot just how right he is. The information required to make a purchase with a card is printed right there on the card. It gets worse. Some cards transmit the card data and PIN wirelessly by RFID and NFC. http://www.dailymail.co.uk/sciencetech/ ... CONDS.html
Bless
Those nuke launch codes everybody was so paranoid about during the Cold War and later during Trump's election campaign? "00000000" for 15 years. http://www.huffingtonpost.com/2013/12/0 ... 86784.html
Bless
- Playboy
- 20,000 Posts; I need professional help !
- Reactions: 288
- Posts: 24827
- Joined: Fri Dec 12, 2003 6:30 pm
- Location: Hotel K: Sector ZZ9 Plural Z Alpha
Damn !!?!
Alexandra wrote: Those nuke launch codes everybody was so paranoid about during the Cold War and later during Trump's election campaign? "00000000" for 15 years. http://www.huffingtonpost.com/2013/12/0 ... 86784.html
Bless
Did they hack my password and copy it ??
"We, the sons of John Company, have arrived"
Christ on a bike! Should I cut up my cards too and just use cash?
Alexandra wrote: Financial institutions are some of the worst protected on the planet. Card PINs are protected by a whopping 10^4 entropy where the vast majority of humans probably share 1% of that entropy on silly combinations (0011, 1234, 1122, 198X, 199X, 201X etc).
David L wrote: I'll just revert to paper and snail mail for financial transactions. I don't care about the rest of my inter-webby presence, got nothing to hide.
Hanno made the joke that I should keep my PIN in my wallet and he probably forgot just how right he is. The information required to make a purchase with a card is printed right there on the card. It gets worse. Some cards transmit the card data and PIN wirelessly by RFID and NFC. http://www.dailymail.co.uk/sciencetech/ ... CONDS.html
Bless
If you don't know where you're going, any road takes you there.
Yes! Move to a shed in the woods. Send bombs in the mail to scientists. Threaten newspapers to publish your manifesto.
David L wrote: Christ on a bike! Should I cut up my cards too and just use cash?
Bless
-
- I have Cheap Mobile Internet
- Reactions: 0
- Posts: 410
- Joined: Sun Dec 25, 2011 7:54 am
- Location: PP
Lists like these are now public but are nothing new; in the past they would trade over IRC or Usenet. For normal websites a strong password and no reuse is enough. Write it down, so it can't be hacked. Watch out for phishing, social engineering or theft.
On the internet you connect to the whole world, your paper is only exposed to a fraction of that.
For anything sensitive like banking, try to use hardware tokens. Those are the small devices that look like a calculator or USB thumb drive. It's more secure than receiving SMS auth, as any smartphone is simply another computer.
Consider anything in the cloud as public. Even local password managers had flaws, exposing credentials in memory. Lucky we are able to change them. Wait until fingerprints are getting abused. After 10 times you cannot identify yourself anymore.
- PorkPiePorn
- I Have Not Been Outside in a Week
- Reactions: 1
- Posts: 932
- Joined: Thu Jul 07, 2016 9:37 pm
A strategy for a password would be taking a book's initials, page number (could be your birth year), and first two and last two words. For example, Donald Trump's Art of the Deal: AOTD62thateveryoverwhen. If you can remember the book and page number, you're golden.
The problem with the world is stupidity. I'm not saying there should be a capital punishment for stupidity, but why don't we just take the safety labels off of everything and let the problem solve itself?
- salvajeuno
- I Am Losing It All to the Internet
- Reactions: 0
- Posts: 1399
- Joined: Mon Jul 04, 2016 2:54 am
- Location: Cat Lady Towers
There's an army of 12 year old hackers out there working 24/7 to keep companies like Lifelock (U.S.) in business. It's a vicious circle.
Alexandra wrote: Yes! Move to a shed in the woods. Send bombs in the mail to scientists. Threaten newspapers to publish your manifesto.
Bless
இ லொவெ ம்ய் டௌக்ஹ்டெர்ஸ் மொரெ தன் அன்ய்தின்க் இன் தெ வொர்ல்ட்