Bitcoin Forum
December 08, 2016, 12:07:47 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 [7]  All
  Print  
Author Topic: Cracked Passwords List Leaked, were you cracked?  (Read 14828 times)
andyb
Newbie
*
Offline Offline

Activity: 18


View Profile
June 29, 2011, 08:56:04 PM
 #121

my very simple password (6 numbers +username) wasn't in the list, so I believe that this list comes from phishing/key logging or something like that. I changed ALL my passwords to random characters after Mt.Gox got hacked (had planned it for a long time, but never got around to it), before this I was using the about 3 passwords for everything.

I would also check https://shouldichangemypassword.com/ It correctly reports I've hade my password compromised once on June 19, 2011. I got an email from Chase about my account on June 20, so it seems pretty accurate.

I asked it if the following passwords had been compromised and it told me they were safe.

- password
- password1
- password123
- p@ssw0rd
- P@ssw0rd
- love
- hackers
- superman

In https://shouldichangemypassword.com/  you should input the e-mail, not the password BUT they seem to have blacklisted the whole list from mtgox. I tried bulks of 10 from around the list, and they are all listed as "hacked"
1481198867
Hero Member
*
Offline Offline

Posts: 1481198867

View Profile Personal Message (Offline)

Ignore
1481198867
Reply with quote  #2

1481198867
Report to moderator
1481198867
Hero Member
*
Offline Offline

Posts: 1481198867

View Profile Personal Message (Offline)

Ignore
1481198867
Reply with quote  #2

1481198867
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481198867
Hero Member
*
Offline Offline

Posts: 1481198867

View Profile Personal Message (Offline)

Ignore
1481198867
Reply with quote  #2

1481198867
Report to moderator
finack
Jr. Member
*
Offline Offline

Activity: 56


View Profile
June 30, 2011, 01:09:44 AM
 #122

BUT they seem to have blacklisted the whole list from mtgox. I tried bulks of 10 from around the list, and they are all listed as "hacked"

That's the point of that url - they combined a bunch of lists of leaked account details - if your email is associated with any of them it tells you. Technically it's "has a hash of my password from a site been released publicly" it doesn't care whether the hash has been cracked or not, and rightly so.
kloinko1n
Full Member
***
Offline Offline

Activity: 177


View Profile
June 30, 2011, 06:30:58 AM
 #123

yes, my password was cracked but i was just testing mtgox with no intention of trading at that time, so it was very weak.
My password was NOT cracked.

My password consisted of 18 characters, of which only 9 alphabetical and of which 3 were capitals.
The rest consisted of 3 randomly chosen numerical characters and 6 non-alphanumerical characters.

The mtgox website wrote after 'the incident' that accounts with 'sufficiently complex passwords' would be re-instated automatically.
Well, that didn't happen. I had to reclaim my account, got a new password. And it worked for 1 day.
Now my password is invalidated and mtgox does not reply to my requests for a new password:
If I go through the "password forgotten" procedure at login, it says it has sent a new password to my email, but non ever arrived.
Now my IP is even blocked 'due to too many failed login attempts'.

There are BTCs and USDs in my account there and I am getting really pissed!
bcearl
Full Member
***
Offline Offline

Activity: 168



View Profile
June 30, 2011, 10:03:02 AM
 #124

I changed ALL my passwords to random characters after Mt.Gox got hacked (had planned it for a long time, but never got around to it), before this I was using the about 3 passwords for everything.

I did exactly the same, I also wanted to do it all the time.



My MtGox password was different from any other fortunately except this very forum. But it has a little similarity with my standard passwords, so I fear that people might crack those more easily.

Misspelling protects against dictionary attacks NOT
Pages: « 1 2 3 4 5 6 [7]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!