Online list of hacked passwords
Moderator: Global Moderator
Online list of hacked passwords
A hacker group (sorry can't remember the name and I closed the web page already) has posted a partial list of their collection of 7 million username/passwords that were hacked from Dropbox (per them) vs somewhere else (per Dropbox). They say they will post more when they get sufficient bitcoin "donations".
http://pastebin.com/aRgTJzzg
http://pastebin.com/aRgTJzzg
- Mountaineer
- Executive Member
- Posts: 5080
- Joined: Tue Feb 07, 2012 10:54 am
Re: Online list of hacked passwords
I changed my Dropbox password this morning. I also endorse two factor authentication for a second layer of protection if you have not yet done so.WiseOne wrote: A hacker group (sorry can't remember the name and I closed the web page already) has posted a partial list of their collection of 7 million username/passwords that were hacked from Dropbox (per them) vs somewhere else (per Dropbox). They say they will post more when they get sufficient bitcoin "donations".
http://pastebin.com/aRgTJzzg
... Mountaineer
Put not your trust in princes, in a son of man, in whom there is no help. Psalm 146:3
Re: Online list of hacked passwords
I can't wait for some enterprising young entrepreneur to set up a website where you just enter your username and password and it will check to see if it is on a hacked listing... and it's free!...

Re: Online list of hacked passwords
I had to search to see what Dropbox was. Am I the only only one who thinks keeping personal information "in the cloud", or on any website or website type of backup is a really bad idea? As to the obvious question, no I don't use facebook except for minimally for events.Mountaineer wrote: I changed my Dropbox password this morning. I also endorse two factor authentication for a second layer of protection if you have not yet done so.
... Mountaineer
It was good being the party of Robin Hood. Until they morphed into the Sheriff of Nottingham
Re: Online list of hacked passwords
Dropbox appointed Condoleezza Rice to the board to allay any misguided privacy or data misuse fears you may have. The data you give away is in safe hands.Benko wrote: I had to search to see what Dropbox was. Am I the only only one who thinks keeping personal information "in the cloud", or on any website or website type of backup is a really bad idea?
Re: Online list of hacked passwords
Bad news Benko...if you use online banking or order anything online with a credit card or Paypal, your information is not only "in the cloud", it is possibly in the same cloud that Dropbox uses (Amazon S3). Or, do you store your info at home on your personal computer? That's not 100% safe either unless you don't have an internet connection. Plus there's the issue of data loss, which is only mildly improved by backing up to a USB or optical drive. Those are guaranteed to fail eventually and unless you check them regularly, you might not discover that one has failed until the moment you need it.Benko wrote:I had to search to see what Dropbox was. Am I the only only one who thinks keeping personal information "in the cloud", or on any website or website type of backup is a really bad idea? As to the obvious question, no I don't use facebook except for minimally for events.Mountaineer wrote: I changed my Dropbox password this morning. I also endorse two factor authentication for a second layer of protection if you have not yet done so.
... Mountaineer
Usernames and passwords are just more "security theater". I also endorse two factor authentication for those few sites that offer it - gmail and dropbox do.
- Mountaineer
- Executive Member
- Posts: 5080
- Joined: Tue Feb 07, 2012 10:54 am
Re: Online list of hacked passwords
Here is some additional information on two factor authentication:
Yesterday's news that hackers might've stolen some 7 million Dropbox credentials should've scared you into changing your password. And if you didn't already have two-step authentication enabled on your account, it should be pretty good reminder that you need to turn it on for every account possible.
If you're not worried about the security of your accounts, you're ignoring a serious threat that's confirmed by a neverending deluge of security breaches. Two-step authentication is one of the best ways to prevent unauthorized access to your accounts, even if somebody manages to steal your password. Here's how to do it.
Two-step, or two-factor authentication protects your accounts by requiring you to provide an additional piece of information after you give your password to get into your account. In the most common implementation, after correctly entering your password, an online service will send you a text message with a unique string of numbers that you'll need to punch in to get access to your account.
The idea is that you're drastically more secure if somebody needs both your password and the physical phone to get access to your accounts. Add a passcode to your phone, and you're safeguarded against someone stealing both.
Is it perfect? No. But it's way better than just irrationally hoping nobody ever gets a hold of your password.
Read the whole article and the "how to do" steps in the link:
http://gizmodo.com/its-time-to-enable-t ... 1646242605
... Mountaineer
Yesterday's news that hackers might've stolen some 7 million Dropbox credentials should've scared you into changing your password. And if you didn't already have two-step authentication enabled on your account, it should be pretty good reminder that you need to turn it on for every account possible.
If you're not worried about the security of your accounts, you're ignoring a serious threat that's confirmed by a neverending deluge of security breaches. Two-step authentication is one of the best ways to prevent unauthorized access to your accounts, even if somebody manages to steal your password. Here's how to do it.
Two-step, or two-factor authentication protects your accounts by requiring you to provide an additional piece of information after you give your password to get into your account. In the most common implementation, after correctly entering your password, an online service will send you a text message with a unique string of numbers that you'll need to punch in to get access to your account.
The idea is that you're drastically more secure if somebody needs both your password and the physical phone to get access to your accounts. Add a passcode to your phone, and you're safeguarded against someone stealing both.
Is it perfect? No. But it's way better than just irrationally hoping nobody ever gets a hold of your password.
Read the whole article and the "how to do" steps in the link:
http://gizmodo.com/its-time-to-enable-t ... 1646242605
... Mountaineer
Put not your trust in princes, in a son of man, in whom there is no help. Psalm 146:3
-
- Executive Member
- Posts: 5994
- Joined: Wed Dec 31, 1969 6:00 pm
Re: Online list of hacked passwords
No, you're not the only one. However, I'm sure this is a very unpatriotic position to take!Benko wrote:I had to search to see what Dropbox was. Am I the only only one who thinks keeping personal information "in the cloud", or on any website or website type of backup is a really bad idea? As to the obvious question, no I don't use facebook except for minimally for events.Mountaineer wrote: I changed my Dropbox password this morning. I also endorse two factor authentication for a second layer of protection if you have not yet done so.
... Mountaineer
Re: Online list of hacked passwords
I'm glad to see that my favorite password, LiBeRaLsSuCk wasn't on the list. 

Last edited by Reub on Wed Oct 15, 2014 6:05 pm, edited 1 time in total.