Computer Software > Security
Google password Exposed
sevenlayermuddle:
--- Quote from: Ronski on December 04, 2020, 07:57:52 AM ---Perhaps try the password here https://haveibeenpwned.com/Passwords it will tell you how many times it's been leaked, but unfortunately not where.
--- End quote ---
Not leaked, according to that link.
But even assuming Google know better and are correct, why should I care that some other person used the same password and that it leaked? It doesn’t put any of my accounts at risk as I’m not the person who got hacked, the password/user combo that leaked is not associated with any account that I use.
I lost a couple of hours last night stressing over that email, and ‘rescuing’ an account that I now think was perfectly secure all along. I’ve not slept well either, being stressed at bedtime. Thanks for nothing, Google. :'(
sevenlayermuddle:
PS: Just realised I have broken into a grump (not at anybody on the forum) without saying 'thanks' for the help I was given.
Belatedly... Thanks, Ronski. :)
Ronski:
--- Quote from: sevenlayermuddle on December 04, 2020, 08:21:52 AM ---Not leaked, according to that link.
But even assuming Google know better and are correct, why should I care that some other person used the same password and that it leaked? It doesn’t put any of my accounts at risk as I’m not the person who got hacked, the password/user combo that leaked is not associated with any account that I use.
--- End quote ---
I would have thought it would have shown up on that site if it had been leaked, but perhaps Google do know better. It doe's put you're account at an increased risk though, you probably know this, but they may well not have the email/username/password combination, but the leaked passwords all go into a dictionary list available for sale on the dark web (where ever that is), these dictionary's are then used against accounts, and if your username or email (https://haveibeenpwned.com/) has been leaked previously, somebody somewhere may just try the correct combination. So any password that has been leaked shouldn't be used, mind you I'm not sure I'd want to put my password into a website just to check if it's been leaked previously, and that's just one reason why I use unique to me, long, and completely random passwords nowadays.
--- Quote from: sevenlayermuddle on December 04, 2020, 09:48:11 AM ---PS: Just realised I have broken into a grump (not at anybody on the forum) without saying 'thanks' for the help I was given.
Belatedly... Thanks, Ronski. :)
--- End quote ---
No problem, and thanks.
sevenlayermuddle:
Cheers again, Ronski.
My thinking is that a targeted hacking attack on a specific individual may possibly benefit from a list of known passwords. It’d take some effort, but might succeed. I’m not convinced it would be much benefit to random attacks on random people. Even if an occasional random account was successfully hacked, the trophy would be unlikely to be of sufficient value to justify the effort. And with each random person the hacker attacked with such a marathon assault, he would risk getting caught.
So, I were a head of state likely to be targeted by bad guys, or a criminal mastermind likely to be targeted by good guys, being on a passwords list might worry me. Actually though I am of no importance whatsoever, so I tend not to worry too much about targeted attacks.
My main gripe was the Critical Security Alert email, saying “someone else knows your password”. Surely it should really have been entitled Low Priority Advice, reading “someone knows somebody else’s password, and it is the same as yours“
More importantly perhaps, in order for Google to identify this situation it would seem that they are storing the original text of my password on their servers. I’m not all that clued up on such technology, but I thought storing password texts was a No,No? :o
Weaver:
I have read about publicly accessible databases of passwords and user accounts that have been exposed in a security breach in some system or other. I have a tool that will search these and tell you whether or not your details fit one such exposed known entry.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version