1. DeslotlCL

    DeslotlCL GBAtemp's scalie trash
    Member

    Joined:
    Oct 28, 2015
    Messages:
    2,846
    Country:
    United States
    Providing that my phone is protected by a pin and also my finger print, i doubt someone could put his hand on them, and even then, i can remember my passwords just fine :teach:
    Sounds nice and all, but idk... still thanks for the heads up.
     
  2. yodamerlin

    yodamerlin Bok bok.
    Member

    Joined:
    Apr 1, 2014
    Messages:
    321
    Country:
    United Kingdom
    With GitHub and Twitter falling for the same mistake of logging passwords, it wouldn't surprise me to see more over the next few weeks.

    I think that the current state of authentication is not great, and password managers to me feel more like a hack on top of something not good that just adds friction to the far more easy solution of using the same password everywhere.

    Browser based web authentication is something I look forward to.
     
  3. VitaType

    VitaType GBAtemp Maniac
    Member

    Joined:
    Jul 16, 2016
    Messages:
    1,033
    Country:
    Germany
    It just says "internal log", possible that they did something like logging all data that get send by a post request to there server of course then including strings from the password fields.
    Neverless it's straight up incompetence and it's hard to believe that such a large software company makes that kind of beginner mistakes. :blink:

    What's the obsession some people have with sending there passwords (if non-hashing encrypted or not) to other peoples computers if these computers aren't running exactly the service you use the password for?
    It seems to be such a insane idea to me. You store all your passwords at one place on servers on the internet and all of them are encrypted with the same password! Not that much different from just using the same password everywhere... Yes, yes, these password sites should have more knowledge as the weakest link in the selection of websites you use the same password elsewhere, but still.
     
    Last edited: May 4, 2018
  4. Hells Malice

    Hells Malice Are you a bully?
    Member

    Joined:
    Apr 9, 2009
    Messages:
    6,707
    Country:
    Canada
    I assure you, it was not I.
     
  5. KingVamp

    KingVamp Haaah-hahahaha!
    Member

    Joined:
    Sep 13, 2009
    Messages:
    11,740
    Country:
    United States
    I'm pretty certain GBAtemp had a password leak too.
     
  6. Seriel

    Seriel ឵Thank you title very cool
    Member

    Joined:
    Aug 18, 2015
    Messages:
    3,120
    Country:
    United Kingdom
    No it didn't. The supposed "password leak" was actually "that iso site" having a password leak, and people sharing their password there with GBATemp.
     
    Subtle Demise and MarkDarkness like this.
  7. sarkwalvein

    sarkwalvein There's hope for a Xenosaga port.
    Member

    Joined:
    Jun 29, 2007
    Messages:
    7,721
    Country:
    Germany
    Did it really?
    I remember some time ago there was a leak of password from several sites, including e.g. ngemu.com
    Many users had the same password on the temps, and it was brought to the Staff attention due to some hacked accounts, and this was the reason the whole site changed suggested a password change and added 2-step verification.

    But the leak was not on the temps side.
     
    Subtle Demise likes this.
  8. KingVamp

    KingVamp Haaah-hahahaha!
    Member

    Joined:
    Sep 13, 2009
    Messages:
    11,740
    Country:
    United States
    Forgot about that. I think I changed my password anyway, at the time.
     
    Seriel likes this.
  9. Asia81

    Asia81 In my Ecchi World <3
    Member

    Joined:
    Nov 15, 2014
    Messages:
    5,840
    Country:
    France
    Same, something like that
    [​IMG]
     
  10. DarkFlare69

    DarkFlare69 GBAtemp Psycho!
    Member

    Joined:
    Dec 8, 2014
    Messages:
    4,973
    Country:
    United States
    Yeah, pretty much
     
  11. VitaType

    VitaType GBAtemp Maniac
    Member

    Joined:
    Jul 16, 2016
    Messages:
    1,033
    Country:
    Germany
    Lets take a look: blogs (including blogrolls), the ability to follow people and have follower (even called that way), a personal short message stream for every single user on there profile page, status messages, the ability to add personal details to your profile such as birthday, country you life in, gender, occupation, a short personal text, ... and a PM system that even allows multiple users at once. At least there is nothing comparable to facebook groups (wonder what this "watch"-links above all this interest categories called forums make *click* Oh... nevermind)
    If you don't like social media I fear I have really bad news for you: This software here is more of a social media software based on a forum software then just a forum software.

    I agree general purpose social media such as facebook isn't great :)
     
    Nightwish likes this.
  12. MikaDubbz

    MikaDubbz GBAtemp Advanced Fan
    Member

    Joined:
    Dec 12, 2017
    Messages:
    678
    Country:
    United States
    I'm surprised someone didn't swoop in, find Trump's account and just troll everyone. That would be classic.
     
    ry755, leafeon34 and Subtle Demise like this.
  13. Viri

    Viri GBAtemp Addict
    Member

    Joined:
    Sep 13, 2009
    Messages:
    2,596
    Country:
    United States
    I would honestly be too scared to. I'm sure doing something like that would put me on some sort of list. I'm pretty sure it's not illegal(unsure), but, I don't think I'd wanna piss off the US gov like that. :P
     
  14. Arras

    Arras GBAtemp Guru
    Member

    Joined:
    Sep 14, 2010
    Messages:
    6,225
    Country:
    Netherlands
    If his twitter counts as an official communication channel (and it probably does at this point), you'd probably get arrested real fast if you did that.
     
    leafeon34 and Subtle Demise like this.
  15. jt_1258

    jt_1258 Human?
    Member

    Joined:
    Aug 21, 2016
    Messages:
    2,622
    Country:
    United States
    Fuck...well, I guess that's how some prick in Middleburg Hights Ohio got into my school's gaming club's twitter account yesterday
     
  16. the_randomizer

    the_randomizer The Temp's official fox whisperer
    Member

    Joined:
    Apr 29, 2011
    Messages:
    29,392
    Country:
    United States
    Gee, someone really screwed the pooch over at IT, sucks for them as they're gonna get fired.
     
  17. sarkwalvein

    sarkwalvein There's hope for a Xenosaga port.
    Member

    Joined:
    Jun 29, 2007
    Messages:
    7,721
    Country:
    Germany
    That would be golden, really. Specially if the troll hacker starts mentioning topics and people that makes no sense for the president to mention... Oh wait, was the account hacked already?
     
    Seriel, Subtle Demise and Lucifer666 like this.
  18. DarthDub

    DarthDub Amateur Hacker
    Member

    Joined:
    Jan 26, 2016
    Messages:
    2,714
    Country:
    United States
    You mean he doesn't already troll people?
     
    Subtle Demise likes this.
  19. kuwanger

    kuwanger GBAtemp Advanced Maniac
    Member

    Joined:
    Jul 26, 2006
    Messages:
    1,510
    Country:
    United States
    Sounds great and all until (1) some website figures a way to spoof appearing to be a bunch of others and harvests your usernames/passwords or (2) there's some Twitter-like accident where your passwords or their hashes end up being in some log somewhere that's hacked. Keepass looks better because (1) it's open source so you can verify the source (but you really have to do that and verify it to be safe) and (2) it's all local and only mirrored/used at your discretion. Personally, I don't use Keepass because it sounds like a database and database corruption can mean losing many passwords. It's the right idea, though, and reasonably safe if you regularly backup the database.

    PS - IIRC gbatemp did have some issue where they were getting suspicious logins or something, so they encouraged people to change their password proactively. There's a big difference between a website having suspicious logins, being hacked and leaking password hashes, and leaking actual passwords which may or may not have been hacked.
     
    Subtle Demise likes this.
  20. MarkDarkness

    MarkDarkness Deliverator
    Member

    Joined:
    Dec 17, 2009
    Messages:
    954
    Country:
    Poland
    Nowadays if people really changed their password every time a breach like this is announced, they'd need a password book to carry around, which defeats the purpose.

    Nowadays it's either use a password manager/generator or not caring.
     
Draft saved Draft deleted
Loading...

Hide similar threads Similar threads with keywords - accidentally, exposing, password