Might be time for a password refresh. Largest leak ever.

[Howard2k]

This is likely the biggest password leak ever: nearly 10 billion credentials exposed

The 'RockYou2024' leak could give hackers a huge upper hand.

mashable.com

Cybersecurity researchers are calling it the largest password compilation leak of all time.

On July 4, a newly registered user on a popular hacking forum posted a file containing nearly 10 billion compromised passwords in plaintext.

 

[Juan Tumani]

Ok. So 123 5.

Crap, now that one's on the web too.

 

[SteveGangi]

Just another reason to not do any online banking.

 

[Howard2k]

Just another reason to not do any online banking.

I don’t think so. If you’re doing online banking with solely a password as authentication, then yes, but that’s pretty foolish. Should be using MFA and a strong paraphrase at least.

And don’t use wifi you don’t own.

 

[fett]

ou812 has been compromised?

 

[DeafDumbBlind Kid]

and again, I say hackers should be publicly executed in the most horrendous manners possible.

 

[sonar1]

 

[ReWind James]

"AgnesiFan#1" wasn't listed.

I guess I'm still secure!

 

[SteveC]

I don’t think so. If you’re doing online banking with solely a password as authentication, then yes, but that’s pretty foolish. Should be using MFA and a strong paraphrase at least.

And don’t use wifi you don’t own.

Yea... this. 1,000%

I never use public WIFI. I'll set my phone up as a hotspot, if I absolutely need to be connected.

But, if I am out and about, I really do not need to be connected.

Apple passkeys and facial recognition, ftw

 

[rfrizz]

Just another reason to not do any online banking.

Is there any other kind of banking?

 

[mdubya]

password02 activated.

 

[judson]

whew! im safe...

mycocktasteslikechicken was not on that list

 

[Juan Tumani]

View attachment 778311

 

[TheX]

Use unique passwords, change them every 90 days, and use MFA.

It really is that simple. There is no excuse for getting compromised.

Use KeePass and encrypt the database.

 

[rfrizz]

From the article:

A brute force attack is a popular hacking method where the attacker guesses a user's password by trial-and-error. Hackers commonly use automated scripts when carrying out a brute force attack, which enables them to try out a slew of passwords within a short period of time.​

==========================

Seems like BS to me. Most websites lock you out after 3-5 failed attempts, so brute force is not really practical.

 

[LocoTex]

I'm good. I'll just change it from "Password" to "Password1".

 

[TheX]

From the article:

A brute force attack is a popular hacking method where the attacker guesses a user's password by trial-and-error. Hackers commonly use automated scripts when carrying out a brute force attack, which enables them to try out a slew of passwords within a short period of time.​

==========================

Seems like BS to me. Most websites lock you out after 3-5 failed attempts, so brute force is not really practical.

99% of systems have a 3-5 password lockout. Like Active Directory, you get 5 tries and you're locked out for 5 minutes. That means a brute-force attack can only be leveraged 60 times an hour. That makes dictionary attacks pointless, as frizz was saying.

 

[DeafDumbBlind Kid]

some lame brain clicked on a link in a phishing email

could have been my brother for all I know. How the fuck his credit cards get hacked so many times I have no idea. I've been hacked 2 times, once at a gas station skimmer and the other was somebody trying to buy 1600 dollars worth of building supplies and 800 dollars worth of makeup in Ohio. Hm, who I know there?

 

[brokentoeswalker]

some lame brain clicked on a link in a phishing email

could have been my brother for all I know. How the fuck his credit cards get hacked so many times I have no idea. I've been hacked 2 times, once at a gas station skimmer and the other was somebody trying to buy 1600 dollars worth of building supplies and 800 dollars worth of makeup in Ohio. Hm, who I know there?

Sounds like OhioSteve is trading with the mennonites again and plans to go glam for his next 60 lined up gigs in buttfuck Ohio.

 

[Duane_the_tub]

... a file containing nearly 10 billion compromised passwords in plaintext.

Wow, didn't even show enough mercy to encrypt it into WingDings font.