Bitcoin Forum
March 29, 2024, 07:13:54 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Change of Dropbox / eBay / Facebook etc. password due to Mt Gox hack (IMPORTANT)  (Read 1659 times)
elements (OP)
Full Member
***
Offline Offline

Activity: 182
Merit: 100


View Profile
June 20, 2011, 09:13:55 AM
 #1

Hi,

as most of you know Mt Gox was compromised yesterday. About 61.000 accounts have their username and email addresses published publicly in the process.

Now, this might be very important for many users:

I have different passwords on all the mentioned sites BUT I use the iPhone and the mac sync features.
Also, I used Notes, Mail, Calendar sync googlemail <-> mac <-> iPhone

So, I wondered even though I have different passwords: if they got to my GMail account, they possibly could get my notes (containing some passwords), mail, google contacts, spreadsheets, etc.

So maybe it is a good idea to change everything which might have been stored with google, dropbox, etc.
Not only your gmail password but also any passwords which were ever stored with google or were mentioned in one of the mails or on one of your google documents and so on.

More tech savvy guys should eleborate on this (since I do not really belong to this group - and I know I shouldn't have important passwords on iPhone notes)!

BUT I think a lot of users have and that's the reason for this post
(The breach might have much more consequences than thought of at first).

Yesterday someone bought 5 highly priced eBay auctions of mine (which were marked as domestic wire transfer only) and then sent me a mail asking if PayPal payment wasn't possible otherwise he wants to draw back from the purchase (which of course I did not agree upon).

Researching his email address I found out, that the email address was part of the published Mt Gox Accounts file (as was mine).

So,

@ users think really hard about what accounts might all be compromised.

@ smart tech guys: please help to bring some light upon this shady subject in this dark hour Wink
 

»A common mistake that people make when trying to design something completely foolproof was to underestimate the ingenuity of complete fools.« - Douglas Adams
Use the trusted German Bitcoin exchange: https://www.bitcoin.de/de/r/5wcwts
Tips & donations: BTC : 1MAQYNLp2VJ9wWhPYg5BnrbUGzdhGXopZw | CGB: 5bgQivyHJcSWTgvLfVW87Zj23M7mcFCVBF
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1711696434
Hero Member
*
Offline Offline

Posts: 1711696434

View Profile Personal Message (Offline)

Ignore
1711696434
Reply with quote  #2

1711696434
Report to moderator
1711696434
Hero Member
*
Offline Offline

Posts: 1711696434

View Profile Personal Message (Offline)

Ignore
1711696434
Reply with quote  #2

1711696434
Report to moderator
1711696434
Hero Member
*
Offline Offline

Posts: 1711696434

View Profile Personal Message (Offline)

Ignore
1711696434
Reply with quote  #2

1711696434
Report to moderator
paulie_w
Sr. Member
****
Offline Offline

Activity: 420
Merit: 250


View Profile
June 20, 2011, 10:50:12 AM
 #2

my suggestions:

- don't use the same passwords in different places (get 1Password or KeePass).
- don't use webmail (download the mail locally, make sure your harddrive or at least your home folder is encrypted with a good pw/key)
- don't use dropbox (unless you drop everything into a truecrypt image)
killer2021
Member
**
Offline Offline

Activity: 84
Merit: 10


View Profile
June 20, 2011, 11:20:31 AM
 #3

^agree on all the above.

Basically, right now is a great time to go and analyze your security risk. Go to all your important accounts (banking etc.) and change the password. Then activate all the advanced security features for the account like email alerts or mobile sms verification etc. Get in the habit of checking your bank statements often as an unauthorized transaction has to be reported immediately.

Go to your email and delete any important documents (ie. has personal information etc.). Sometimes they get archived.

You also have to change your habits since you can never be 100% protected from some sort of breach. You need to change your habits such that if your account is ever compromised then you don't lose everything. What I mean by this is:

1. Don't keep any money in paypal or any online money transfer service. Transfer any money to your bank account.
2. If you are debt free and don't have any credit cards and won't be using any credit then place a credit freeze on your credit history. This makes it so no one can get credit in your name unless your credit is unfrozen (difficult process).
3. Don't keep lots of money in the bank. I'd say anything over 1 month expenses is too much unless you are saving up to buy a car or house or big purchase. Any excess money should be invested.
4. Try and keep a low profile on the internet in regards to personal information.
5. Make sure your social networking profiles (ie. facebook) are private. Also browse through your friend list and delete anyone which you don't personally know. That means deleting the random people who added you.

Most people don't take security very seriously because the internet seems like a peaceful place. You have all your friends on facebook. There are tons of free games to play. You can shop on amazon/ebay. You can watch funny cat videos on youtube. With all of this people tend to let their guard down.

Anonymous Cash-By-Mail Exchange: https://www.bitcoin2cash.com
1H6mqgB6UcqKt2SrCmhjxUp9np1Xrbkdj7
borgfish
Member
**
Offline Offline

Activity: 75
Merit: 10


View Profile
June 20, 2011, 11:32:44 AM
 #4

Hello,

since its so important to have a long password, why wont they force you to some minimum lenght ?

What do you think of salting owns passwort ( i got like 5 password level. mtgox and the other bitcoin stuff is like 2nd from below, i dont own shares here)
so it would look like "MYAVERAGEmtgox.comPASSWORD" ?
BitcoinPorn
Hero Member
*****
Offline Offline

Activity: 630
Merit: 500


Posts: 69


View Profile WWW
June 21, 2011, 02:19:20 PM
 #5

http://forum.bitcoin.org/index.php?topic=19913.msg248514 is a great post that should be checked out to assist in beefing up security.

In fact, all other posts relating to the topic should be locked and that thread should be a sticky maybe (with a clearer title)

Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!