Upvote Upvoted 25 Downvote Downvoted
twitch possibly compromised
posted in Off Topic
1
#1
0 Frags +

http://blog.twitch.tv/2015/03/important-notice-about-your-twitch-account/

if you use your twitch password on any other site, change it asap. you will be forced to change your twitch password on next login. more info can be found in the blog post.

http://blog.twitch.tv/2015/03/important-notice-about-your-twitch-account/

if you use your twitch password on any other site, change it asap. you will be forced to change your twitch password on next login. more info can be found in the blog post.
2
#2
6 Frags +

already found it strange that twitch asked me to reset my password. now i know why, thx

already found it strange that twitch asked me to reset my password. now i know why, thx
3
#3
4 Frags +

For some reason you have to put in a really really strong password before it will let you set a new one.

Edit:If it says it is still weak you will not be able to set one but it it says it is so-so then you be good.

For some reason you have to put in a really really strong password before it will let you set a new one.

Edit:If it says it is still weak you will not be able to set one but it it says it is so-so then you be good.
4
#4
8 Frags +

$

$
5
#5
10 Frags +

how bad are your passwords that it's stuck on weak............

how bad are your passwords that it's stuck on weak............
6
#6
2 Frags +
Foxhow bad are your passwords that it's stuck on weak............

LOL^^ for real...

[quote=Fox]how bad are your passwords that it's stuck on weak............[/quote]

LOL^^ for real...
7
#7
3 Frags +

I used my weakest throwaway password on Twitch and keep forgetting to change it. Thank god for laziness.

I used my weakest throwaway password on Twitch and keep forgetting to change it. Thank god for laziness.
8
#8
0 Frags +

I forgot my twitch password so this is probably a good thing for me

I forgot my twitch password so this is probably a good thing for me
9
#9
9 Frags +

.

.
10
#10
0 Frags +

All 3 of the passwords I use are labeled very weak. lol

All 3 of the passwords I use are labeled very weak. lol
11
#11
-1 Frags +

https://www.youtube.com/watch?v=0Jx8Eay5fWQ

[youtube]https://www.youtube.com/watch?v=0Jx8Eay5fWQ[/youtube]
12
#12
3 Frags +

i don't think its so much about the password being weak, i got the email as well and i always had a strong password

we believe it’s possible that your password could have been captured in clear text by malicious code when you logged into our site on March 3rd.
i don't think its so much about the password being weak, i got the email as well and i always had a strong password

[quote]we believe it’s possible that your password could have been captured in clear text by malicious code when you logged into our site on March 3rd.[/quote]
13
#13
0 Frags +

If you're getting that message your password is just too similar to your old password. I removed a character and it suddenly became strong, lol.

If you're getting that message your password is just too similar to your old password. I removed a character and it suddenly became strong, lol.
14
#14
2 Frags +
smoboIf you're getting that message your password is just too similar to your old password. I removed a character and it suddenly became strong, lol.

I set my password to what it was before and I didn't get that message.

[quote=smobo]If you're getting that message your password is just too similar to your old password. I removed a character and it suddenly became strong, lol.[/quote]

I set my password to what it was before and I didn't get that message.
15
#15
23 Frags +

if u type password in post it puts in asterisk

look ************

if u type password in post it puts in asterisk


look ************
16
#16
3 Frags +

******

******
17
#17
18 Frags +

hunter2

hunter2
18
#18
1 Frags +

ninja'd

ninja'd
19
#19
-2 Frags +

twitch got no chill i got my phone number phished lmao

twitch got no chill i got my phone number phished lmao
20
#20
2 Frags +

password

password
21
#21
0 Frags +

https://addons.mozilla.org/en-us/firefox/addon/pwgen-password-generator/

https://addons.mozilla.org/en-us/firefox/addon/pwgen-password-generator/
22
#22
4 Frags +

guess I gotta change it to password1 now

guess I gotta change it to password1 now
23
#23
0 Frags +

weak passwords for accounts u dont give a fuck about
its more convenient

abc123

weak passwords for accounts u dont give a fuck about
its more convenient

abc123
24
#24
0 Frags +

I don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?

And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?

I don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?

And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?
25
#25
0 Frags +
zigzterI don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?

And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?

You still have to worry about brute forcing. Some people make it extremely easy and just use a single word, maybe a number as well. Although now this is getting harder to do thanks to sites starting to lock accounts after x login attempts.

Also, if a person uses the same password on all sites, and one site's password database is compromised and cracked, then someone could get into all accounts belonging to that person.

I'm not a security expert either, but this is what I'm understanding.

[quote=zigzter]I don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?

And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?[/quote]
You still have to worry about brute forcing. Some people make it extremely easy and just use a single word, maybe a number as well. Although now this is getting harder to do thanks to sites starting to lock accounts after x login attempts.

Also, if a person uses the same password on all sites, and one site's password database is compromised and cracked, then someone could get into all accounts belonging to that person.

I'm not a security expert either, but this is what I'm understanding.
26
#26
-2 Frags +
zigzterI don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?

And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?

They either cross-reference the hashes against other plaintext leaks or use rainbow tables (which is essentially an optimized brute-force method). If your password is strong enough, they won't be able "break it" (i.e. find a match for its hash).

[quote=zigzter]I don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?

And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?[/quote]

They either cross-reference the hashes against other plaintext leaks or use rainbow tables (which is essentially an optimized brute-force method). If your password is strong enough, they won't be able "break it" (i.e. find a match for its hash).
27
#27
2 Frags +

dicksucker1502

dicksucker1502
28
#28
0 Frags +

Why would anyone want to hack me

Why would anyone want to hack me
29
#29
1 Frags +
MasterKunizigzterI don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?

And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?

They either cross-reference the hashes against other plaintext leaks or use rainbow tables (which is essentially an optimized brute-force method). If your password is strong enough, they won't be able "break it" (i.e. find a match for its hash).

We can also hope that Twitch used some kind of a salt which would make it more useless :)

[quote=MasterKuni][quote=zigzter]I don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?

And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?[/quote]

They either cross-reference the hashes against other plaintext leaks or use rainbow tables (which is essentially an optimized brute-force method). If your password is strong enough, they won't be able "break it" (i.e. find a match for its hash).[/quote]
We can also hope that Twitch used some kind of a salt which would make it more useless :)
30
#30
0 Frags +
MasterKunizigzterI don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?

And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?

They either cross-reference the hashes against other plaintext leaks or use rainbow tables (which is essentially an optimized brute-force method). If your password is strong enough, they won't be able "break it" (i.e. find a match for its hash).

No, Rainbow Tables are giant lists or plaintext passwords and their equivalent hashes. You just search by hash to find the plaintext password for the hash you have. (so basically what you said first)

[quote=MasterKuni][quote=zigzter]I don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?

And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?[/quote]

They either cross-reference the hashes against other plaintext leaks or use rainbow tables (which is essentially an optimized brute-force method). If your password is strong enough, they won't be able "break it" (i.e. find a match for its hash).[/quote]

No, Rainbow Tables are giant lists or plaintext passwords and their equivalent hashes. You just search by hash to find the plaintext password for the hash you have. (so basically what you said first)
Please sign in through STEAM to post a comment.