773M Emails Hacked | Bitcointalksearch.org

hatshepsut93

legendary

Activity: 2954

Merit: 2145

Quote from: TheBeardedBaby on February 04, 2019, 06:41:53 AM

Damn, I start using this strategy for some years now and I even memorized my seed. (it was difficult job to keep the order) together with the Walled address.
Long ago I've reinstall my Windows XP so many times that even memorized the CD key and used it for some time as a password Cheesy

Used to mess around with IPv6 addresses so I manage to create a technique to memorize those addresses, i guess for the regular people this will difficulty.

Well, Bitcoin seeds are kinda meant to be memorizable, they aren't called "mnemonic" for no reason. Usually when it is mentioned, someone quickly points out that human memory is horrible and you should never rely on it, and they are totally right, but I think it's always good to have one more additional backup method. I too have memorized my seed, actually more than one seed.

But how did you memorize the address? Base58 sounds almost impossible to memorize, you have to remember the case of each letter.

Juggy777

hero member

Activity: 2646

Merit: 686

Quote from: greenlanternlight01 on February 03, 2019, 02:25:41 PM

This info has been going around quite some time now but I just wanted to share with anyone who hasn't heard it yet. The article explains how was found out that 773M emails and over 21M passwords were hacked and leaked on what is thought to be the largest email hack ever. https://www.cnet.com/news/massive-breach-leaks-773-million-emails-21-million-passwords/

What does this mean for me?

Like everyone I have my email address linked with several exchanges with several open orders in buy or in sell. That being said if someone was to find my mail address and password would try and enter on those exchanges. I've activated 2FA on every exchange but it doesn't feel good to know that I might be one of those 773M hacked email. My coins are on my hardware wallets but I have some other on exchanges on buy and sell orders. With one email hack I could lose some money. Luckily there is this website https://haveibeenpwned.com that finds out if your email has been hacked or not. I tried it and fortunately my main account I use on most exchanges is safe.
I suggest everyone to give it a try and if you find out smth that you don't like I suggest you change the email password to start with, and then to change the password on all the exchanges where you have used that email address.

Let's keep our money safe guys Wink

I remember a similar mail was sent to many people last year, where the hackers had put their passwords too in the mail and demanded ransom. I believe these emails which get hacked happen due to people entering passwords on sites which are not secured, or downloading files containing viruses which steal their data. I like the 2fa option which helps me be relaxed, also i use passwords of 16 digits so let them enjoy cracking it.

encycrypto

member

Activity: 294

Merit: 53

Quote from: hatshepsut93 on February 03, 2019, 05:38:08 PM

Interesting... It seems like password generators have been making a fool out of us all this time!

TheBeardedBaby

legendary

Activity: 2184

Merit: 3134

₿uy / $ell

Quote from: hatshepsut93 on February 03, 2019, 05:38:08 PM

Quote from: btc-facebook on February 03, 2019, 03:33:05 PM

Change the password of your email into the stronger one, using the combination of caps number and symbol, it would be more secure.

The problem with numbers, special symbols, uppercase letters and other techniques is that people strongly tend to do it in predictable way, like putting numbers in the end, capital letters at the beggining, etc. If you have a really short password that is based on some popular word, it might get cracked pretty fast, even if it has numbers and special symbols. Those types of passwords are usually very hard to remember, and you can get a lot of trouble if it's your main email with no methods of resetting your password. The better approach is to use very long passwords with normal words, if you don't use a password manager, or just random strings if you do.

Damn, I start using this strategy for some years now and I even memorized my seed. (it was difficult job to keep the order) together with the Walled address.
Long ago I've reinstall my Windows XP so many times that even memorized the CD key and used it for some time as a password Cheesy

Used to mess around with IPv6 addresses so I manage to create a technique to memorize those addresses, i guess for the regular people this will difficulty.

r1s2g3

sr. member

Activity: 742

Merit: 395

I am alive but in hibernation.

I written in some other topic earlier too, best security is changing the password regularly. Even if your password is hacked you still be safe as your password is already changed.

Quote from: hatshepsut93 on February 03, 2019, 05:38:08 PM

Quote from: btc-facebook on February 03, 2019, 03:33:05 PM

Change the password of your email into the stronger one, using the combination of caps number and symbol, it would be more secure.

The problem with numbers, special symbols, uppercase letters and other techniques is that people strongly tend to do it in predictable way, like putting numbers in the end, capital letters at the beggining, etc. If you have a really short password that is based on some popular word, it might get cracked pretty fast, even if it has numbers and special symbols. Those types of passwords are usually very hard to remember, and you can get a lot of trouble if it's your main email with no methods of resetting your password. The better approach is to use very long passwords with normal words, if you don't use a password manager, or just random strings if you do.

I agree, more character is better. Majority people have misconception that strong password are one that are difficult to remember but it is not the case.

Pmalek

legendary

Activity: 2730

Merit: 7065

Farewell, Leo. You will be missed!

Quote from: greenlanternlight01 on February 03, 2019, 04:52:00 PM

Kudos to Pmalek for having post it first and letting everyone know about this 💪

Actually, I saw it in the German section and shared the info here. So credits should go to patrickrn32 for posting it in the German Local. This is the source where I saw it:
https://bitcointalksearch.org/topic/achtung-passwort-sammlung-mit-773-millionen-online-konten-im-netz-aufgetaucht-5098731

Crypto-DesignService

copper member

Activity: 208

Merit: 256

You can check if your email and password is compromised.

Email: have i been pwned?
Password: Pwned Passwords

Kopyleft

member

Activity: 168

Merit: 15

Future of Security Tokens

The internet is always devicing new means of funds theft and privacy leaks, one can not stay ignorant or risk falling victim. Always have more than one layer of security foe any website where you have your assets stored temporarily or permanently. And regular check the current state of your accounts.

jossiel

hero member

Activity: 2842

Merit: 625

Quote from: btc-facebook on February 03, 2019, 03:33:05 PM

Activating 2FA both on exchange and your email will be more better and more safety. Change the password of your email into the stronger one, using the combination of caps number and symbol, it would be more secure.

Nothing is safe now look at the recent news for Mac Users.

CookieMiner Mac Malware Wants Your Cookies and Your Crypto Funds

Use passwords that you never have used before and has a strong combination of characters, letters, symbols + numbers. Don't recycle old passwords that you've been using for different websites.

Onuohakk

member

Activity: 672

Merit: 29

If you are continuously following safety precautions you need not to worry about being hacked.
But always have a specific email for a specific purpose this also helps ensure business email don't get into the wrong hands

logfiles

copper member

Activity: 1960

Merit: 1638

Top Crypto Casino

Quote from: jseverson on February 04, 2019, 01:37:25 AM

It's also worth noting that some email providers are better with security than others. Remember the Yahoo breach?

I checked my old yahoo mail account and it's shown to have been leaked over 3 times. This is an email I barely used for signing up on different websites... My Gmail on the other side (the one I use for less secure sites) shows not to have been leaked ever. I have used these email hundreds of times to sign up on different websites. So you could be very right.

jseverson

hero member

Activity: 1834

Merit: 759

So the hack's origin is apparently unknown, and could very well be just a collection of past hacks:

Quote from: https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/

Q. How long ago were these sites breached?
It varies. The first site on the list I shared was 000webhost who was breached in 2015, but there's also a file in there which suggests 2008. These are lots of different incidents from lots of different time frames.

It's no reason for immediate panic, but it's a wake up call to people who reuse their passwords nonetheless. It's also worth noting that some email providers are better with security than others. Remember the Yahoo breach?

hatshepsut93

legendary

Activity: 2954

Merit: 2145

Quote from: btc-facebook on February 03, 2019, 03:33:05 PM

Change the password of your email into the stronger one, using the combination of caps number and symbol, it would be more secure.

The problem with numbers, special symbols, uppercase letters and other techniques is that people strongly tend to do it in predictable way, like putting numbers in the end, capital letters at the beggining, etc. If you have a really short password that is based on some popular word, it might get cracked pretty fast, even if it has numbers and special symbols. Those types of passwords are usually very hard to remember, and you can get a lot of trouble if it's your main email with no methods of resetting your password. The better approach is to use very long passwords with normal words, if you don't use a password manager, or just random strings if you do.

logfiles

copper member

Activity: 1960

Merit: 1638

Top Crypto Casino

This is why it is very important to use each unique password for each website you register for. Imagine having the one password for both your email and the website whose data has been breached.

In this case, your email can easily get compromised and will be used for resetting passwords for your important accounts in other websites and logging into them if you didn't set any 2FA.

And about 2FA, don't be too confident about it too. If the website does not implement enough protection, it too can be brute forced.
Here is a classic example of such a scenario. It happened on COSS exchange last year. The user lost over 850K in cryptos through this attack.
Reddit user describes 2FA hack on Coss Exchange, over $850k stolen

greenlanternlight01

copper member

Activity: 252

Merit: 6

Quote from: madnessteat on February 03, 2019, 04:12:37 PM

This has already been posted Pmalek on the forum on January 18th: 773 Million Hacked User Accounts are being traded on underground forums

To be honest I didn't go that long back in the search for any other post. But to be on the safe side I started my post with

Quote

This info has been going around quite some time now but I just wanted to share with anyone who hasn't heard it yet.

Kudos to Pmalek for having post it first and letting everyone know about this 💪

jademaxsuy

full member

Activity: 924

Merit: 220

Quote from: madnessteat on February 03, 2019, 04:12:37 PM

This has already been posted Pmalek on the forum on January 18th: 773 Million Hacked User Accounts are being traded on underground forums

Yes and it's been discussed by pmalek and other high ranks like TryNinja and boyptc which give some tips to forum users to change their password to make their account safe to avoid breaches. Well thanks to pmalek to translate the original post - https://bitcointalksearch.org/topic/achtung-passwort-sammlung-mit-773-millionen-online-konten-im-netz-aufgetaucht-5098731.

madnessteat

legendary

Activity: 2240

Merit: 2005

Quote from: greenlanternlight01 on February 03, 2019, 02:25:41 PM

This info has been going around quite some time now but I just wanted to share with anyone who hasn't heard it yet. The article explains how was found out that 773M emails and over 21M passwords were hacked and leaked on what is thought to be the largest email hack ever. https://www.cnet.com/news/massive-breach-leaks-773-million-emails-21-million-passwords/

What does this mean for me?

Like everyone I have my email address linked with several exchanges with several open orders in buy or in sell. That being said if someone was to find my mail address and password would try and enter on those exchanges. I've activated 2FA on every exchange but it doesn't feel good to know that I might be one of those 773M hacked email. My coins are on my hardware wallets but I have some other on exchanges on buy and sell orders. With one email hack I could lose some money. Luckily there is this website https://haveibeenpwned.com that finds out if your email has been hacked or not. I tried it and fortunately my main account I use on most exchanges is safe.
I suggest everyone to give it a try and if you find out smth that you don't like I suggest you change the email password to start with, and then to change the password on all the exchanges where you have used that email address.

Let's keep our money safe guys Wink

This has already been posted Pmalek on the forum on January 18th: 773 Million Hacked User Accounts are being traded on underground forums

btc-facebook

legendary

Activity: 1862

Merit: 1015

Activating 2FA both on exchange and your email will be more better and more safety. Change the password of your email into the stronger one, using the combination of caps number and symbol, it would be more secure.

TryNinja

legendary

Activity: 2758

Merit: 6830

Quote from: bitmover on February 03, 2019, 03:00:03 PM

Quote from: TryNinja on February 03, 2019, 02:56:18 PM

Password manager + 24 long unique password + 2FA = profit.

Some password managers were hacked already, sadly. LastPass was hacked few years ago.

Nothing online is 100%

That's why bitcoin solution is amazing: keys are hold offline, unhackable.

Sorry, forgot to mention the word “offline”.

I actually use KeePass as my password manager and only store my db file in a few encrypted flash drives.

bitmover

legendary

Activity: 2212

Merit: 5622

Non-custodial BTC Wallet

Quote from: TryNinja on February 03, 2019, 02:56:18 PM

Password manager + 24 long unique password + 2FA = profit.

Some password managers were hacked already, sadly. LastPass was hacked few years ago.

Nothing online is 100%

That's why bitcoin solution is amazing: keys are hold offline, unhackable.

Topic: 773M Emails Hacked (Read 239 times)