Warning From Vendor About Passwords

[mahvin]

My credit vendor sent me an alert that my GIMP Chat password had been compromised, so I immediately went and changed it. Filter Forge was also on that list, so I'll be heading over there to change it as well.

I'm sharing this here, in the same fashion as a PSA to change the batteries in your smoke alarms, only this is passwords. But do change the batteries in your smoke alarms, unless of course, they're wired into power, then just test them.

Addendum: Data breach on gimpusers.com as well.

[Nidhogg]

Fire alarm, check.
Carbon monoxide alarm, check.
IP camera, check.
Wireless hunting camera, check.
Under bed, check.

I'm safe.

[mahvin]

Fire alarm, check.
Carbon monoxide alarm, check.
IP camera, check.
Wireless hunting camera, check.
Under bed, check.

I'm safe.

Change passwords?

[Nidhogg]

Yeah, I changed my password from password to pazzw0rd.
Seriously, only secure method I know, is the registered phone verification during the log in.
That ensures even if someone knew your login, pass and the pin they still couldn't access your account.
I wouldn't mind banking security level in every web site that requires you to register.

[Wallace]

Thanks for the heads-up mahvin.

[racer-x]

This site uses the outdated http instead of the more secure https, so no wonder. I don't have any real personal information on any of the sites I use, so don't really care. worst case, I'll just create a new account.

[mahvin]

If anything, if someone pretends to be you, we’ll know, because we know what to expect in responses, and sense of humor.

[ofnuts]

Yeah, I changed my password from password to pazzw0rd.
Seriously, only secure method I know, is the registered phone verification during the log in.
That ensures even if someone knew your login, pass and the pin they still couldn't access your account.
I wouldn't mind banking security level in every web site that requires you to register.

Not sufficient. In many countries there aren't that many checks when you switch to another phone network while keeping your call number, people can snatch your number. You may wonder for a couple of days why your phone no longer works while the villains are using your credit cards and using the secret codes that your bank is sending to their phone.

[mahvin]

Yeah, I changed my password from password to pazzw0rd.
Seriously, only secure method I know, is the registered phone verification during the log in.
That ensures even if someone knew your login, pass and the pin they still couldn't access your account.
I wouldn't mind banking security level in every web site that requires you to register.

Not sufficient. In many countries there aren't that many checks when you switch to another phone network while keeping your call number, people can snatch your number. You may wonder for a couple of days why your phone no longer works while the villains are using your credit cards and using the secret codes that your bank is sending to their phone.

He's a younger whippersnapper, and will need to learn all this the "hard" way...

Graduate of the school of Hard Knocks