1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
  • Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

LeakedIn.org - check if your password was leaked

Collapse
X
51 to 60 of 68 Previous 1 3 4 5 6 7 template Next
Collapse
Reply to Thread
  •  
  • Filter
  • Time
  • Show
Clear All
new posts
51 to 60 of 68 Previous 1 3 4 5 6 7 template Next
    #51
    Originally posted by Bunk View Post
    I bet "correct horse battery staple" is now a fairly common password, especially on tech sites.
    Yep.

    Sad, isn't it?

    If I was running a system with a black list of passwords not allowed, I'd have already added that one.
    Last edited by Sysman; 7 June 2012, 15:56.
    Behold the warranty -- the bold print giveth and the fine print taketh away.

    Comment

      #52
      Originally posted by russell View Post
      Also pasting your password into a random site to check if it has been leaked is idiotic.
      Blindly condemning the use of the site out of pure ignorance when you could confirm that it's safe to use in about five seconds is idiotic.

      Comment

        #53
        Originally posted by NickFitz View Post
        I need several now. Mine hasn't - well, hadn't - yet been cracked, but it can't be trusted anymore now the hash is out there and associated with an email address at my domain, even though I use a separate email address for LinkedIn.

        At least it wasn't the password I use for important stuff like banking, GMail, and CUK
        I ran a few of my oft used ones through and it was 50/50 whether they are in there, including the linkedin one, so it looks like I'm just not that original. I suppose I'll have to come up with some new, better, ones and go on a changing frenzy at the weekend. It'll give me an excuse to take my new laptop to the coffee shop.
        While you're waiting, read the free novel we sent you. It's a Spanish story about a guy named 'Manual.'

        Comment

          #54
          They should try to hash the hashes and they'll get more passwords cracked...

          Comment

            #55
            This one looks pretty safe and easy to remember

            18a25cb38dcc89b50f5149d33f744be8f948affc
            While you're waiting, read the free novel we sent you. It's a Spanish story about a guy named 'Manual.'

            Comment

              #56
              Originally posted by NickFitz View Post
              Blindly condemning the use of the site out of pure ignorance when you could confirm that it's safe to use in about five seconds is idiotic.
              Hey bit harsh.

              I've checked Russels password for him. I typed in 'TotalCretin' and yes it appears he's been hacked.
              What happens in General, stays in General.
              You know what they say about assumptions!

              Comment

                #57
                Originally posted by NickFitz View Post
                Chris Shiflett and friends have got the password hash dump and have set up a site where you can see if you're in there, and if your password had been cracked at the time the dump was produced: LeakedIn: Is your password safe?

                Chris is well-known in the web development community (he's published a couple of books on web site security too) so his site can be trusted, but if you don't want to take his word for it, the site allows you to enter the SHA1 hash of your password instead. If you enter your actual password they SHA1 hash it anyway with JavaScript before sending it (I've checked and this does happen; if you use NoScript or similar remember to enable JS on the site first), so either way you won't be disclosing your password to them.

                Mine is in there
                Thank you Nick. Mine isn't there, but I changed it this morning when I heard the news, plus a couple of other places where I use the same password (silly me).

                Post of the Day !

                Comment

                  #58
                  Originally posted by Platypus View Post
                  Thank you Nick. Mine isn't there, but I changed it this morning when I heard the news, plus a couple of other places where I use the same password (silly me).

                  Post of the Day !
                  HTH

                  Comment

                    #59
                    none of the things I used that password for are so important that it matters
                    Same here. I always use different passwords for bank etc and same old one for unimportant things like Facebook, Linkedin or CUK. Hang on though, you mean somebody could sign into CUK as us and post a load of old rubbish? Horrors!
                    bloggoth

                    If everything isn't black and white, I say, 'Why the hell not?'
                    John Wayne (My guru, not to be confused with my beloved prophet Jeremy Clarkson)

                    Comment

                      #60
                      I can't remember unique passwords per site and don't want to store passwords somewhere with a master key - just too much of a PITA.

                      However I am considering about using the same basic password, somehow 'salted' based on the website name.
                      e.g. passwordcontractoruk,passwordgmail,passwordhsbc etc. From what I understand of hashing and salting this would be secure since a)if they store hashed passwords any cahnge makes the hash different b)even if they stored plaintext passwords, it would require a human agent to manually inspect the hacked passwords and understand them, which I doubt would happen.
                      Originally posted by MaryPoppins
                      I'd still not breastfeed a nazi
                      Originally posted by vetran
                      Urine is quite nourishing

                      Comment

                      Reply to Thread
                      51 to 60 of 68 Previous 1 3 4 5 6 7 template Next

                      Advertisers

                      1. Contracting
                        1. General
                          1. Brexit
                        2. Business / Contracts
                          1. Coronavirus Assistance
                        3. Accounting / Legal
                          1. Umbrella Companies
                          2. HMRC Scheme Enquiries
                          3. The Future of Contracting
                          4. IR35 Reform
                        4. Technical
                        5. Welcome / FAQs
                      2. Social
                        1. Light Relief
                        2. Social / Events
                      Working...
                      X