|
OK, so... everyone needs to change all the passwords for everything now. Right? (nt)
#324306 - 04/08/14 06:03 PM
|
|
|
|
Tomu Breidah |
No Problems, Only Solutions
|
|
|
Reged: 08/14/04
|
Posts: 6820
|
Loc: Neither here, nor there.
|
|
Send PM
|
|
|
Re: everyone needs to change all the passwords for everything now. Right?
[Re: TriggerFin]
#324354 - 04/09/14 04:52 AM
|
|
|
|
|
Re: everyone needs to change all the passwords for everything now. Right?
[Re: Tomu Breidah]
#324416 - 04/10/14 06:02 AM
|
|
|
|
GatKong |
Tetris Mason
|
|
|
Reged: 04/20/07
|
Posts: 5907
|
Loc: Sector 9
|
|
Send PM
|
|
|
Re: OK, so... everyone needs to change all the passwords for everything now. Right? (nt)
[Re: TriggerFin]
#324562 - 04/12/14 03:20 AM
|
|
|
Seems really a theoretical breech, tho, isn't it? Are there any known cases of actual exploit? In other words, the fact that I'm lazy to reset all my passwords... is that being just plain dumb?
|
|
|
|
Re: OK, so... everyone needs to change all the passwords for everything now. Right? (nt)
[Re: GatKong]
#324576 - 04/12/14 09:33 AM
|
|
|
> Seems really a theoretical breech, tho, isn't it? Are there any known cases of actual > exploit? In other words, the fact that I'm lazy to reset all my passwords... is that > being just plain dumb?
Yes there is evidence that that the bad guys knew about this already.
|
|
|
|
Re: OK, so... everyone needs to change all the passwords for everything now. Right? (nt)
[Re: GatKong]
#324581 - 04/12/14 02:45 PM
|
|
|
> Are there any known cases of actual exploit?
Yes. I pointed ssltest.py at mail.yahoo.com and immediately saw usernames and passwords in unencrypted plaintext.
|
|
|
|
Re: OK, so... everyone needs to change all the passwords for everything now. Right? (nt)
[Re: MooglyGuy]
#324584 - 04/12/14 04:06 PM
|
|
|
> > Are there any known cases of actual exploit? > > Yes. I pointed ssltest.py at mail.yahoo.com and immediately saw usernames and > passwords in unencrypted plaintext.
Which would mean yahoo isn't fixed yet, and changing your password there is pointless?
|
|
|
|
Re: OK, so... everyone needs to change all the passwords for everything now. Right? (nt)
[Re: TriggerFin]
#324585 - 04/12/14 04:31 PM
|
|
|
> > > Are there any known cases of actual exploit? > > > > Yes. I pointed ssltest.py at mail.yahoo.com and immediately saw usernames and > > passwords in unencrypted plaintext. > > Which would mean yahoo isn't fixed yet, and changing your password there is > pointless?
Back when the exploit was first announced, I mean. It's since been fixed.
|
|
|
|
Re: OK, so... everyone needs to change all the passwords for everything now. Right? (nt)
[Re: Vas Crabb]
#324595 - 04/12/14 07:53 PM
|
|
|
So they had your info weeks ago and have done nothing with it. Now they are going to go ahead with their plans and hope you were too lazy to change things up? Just saying...
I'd still change anything important though.
|
Pessimist: Oh, this can't get any worse!
Optimist: Yes, it can!
|
|
|
Re: OK, so... everyone needs to change all the passwords for everything now. Right? (nt)
[Re: Bad A Billy]
#324600 - 04/12/14 08:53 PM
|
|
|
> So they had your info weeks ago and have done nothing with it. Now they are going to > go ahead with their plans and hope you were too lazy to change things up? Just > saying... > > I'd still change anything important though.
I end up changing important things all the time anyway. Can't remember password, get a reset key, can't pick a password I've used before, repeat next time.
|
|
|
DMala |
Sleep is overrated
|
|
|
Reged: 05/09/05
|
Posts: 3989
|
Loc: Waltham, MA
|
|
Send PM
|
|
|
Re: OK, so... everyone needs to change all the passwords for everything now. Right? (nt)
[Re: TriggerFin]
#324609 - 04/13/14 05:36 AM
|
|
|
> I end up changing important things all the time anyway. Can't remember password, get > a reset key, can't pick a password I've used before, repeat next time.
If you get sick of this, I highly recommend the combination of KeePass + Dropbox. You save your passwords in KeePass, encrypted with a strong password, and save the database to Dropbox. My passwords are available on any device I use, and when I have to make a new account, I just add it, save, and it syncs instantly.
|
|
|
|
Re: OK, so... everyone needs to change all the passwords for everything now. Right? (nt)
[Re: TriggerFin]
#324674 - 04/14/14 06:03 PM
|
|
|
|
Foxhack |
Furry guy
|
|
|
Reged: 01/30/04
|
Posts: 2409
|
Loc: Spicy Canada
|
|
Send PM
|
|
|
Re: OK, so... everyone needs to change all the passwords for everything now. Right? (nt)
[Re: DMala]
#324678 - 04/14/14 08:06 PM
|
|
|
> > I end up changing important things all the time anyway. Can't remember password, > get > > a reset key, can't pick a password I've used before, repeat next time. > > If you get sick of this, I highly recommend the combination of KeePass + Dropbox. You > save your passwords in KeePass, encrypted with a strong password, and save the > database to Dropbox. My passwords are available on any device I use, and when I have > to make a new account, I just add it, save, and it syncs instantly.
I've been trying out KeePass but can't figure something out.
I want to use a specific file as an unlock key, but after picking it out, the program asks me if I want to overwrite the unlock key.
Wouldn't that uh, destroy the unlock key or is there something I'm missing?
|
|
|
DMala |
Sleep is overrated
|
|
|
Reged: 05/09/05
|
Posts: 3989
|
Loc: Waltham, MA
|
|
Send PM
|
|
|
Re: OK, so... everyone needs to change all the passwords for everything now. Right? (nt)
[Re: Foxhack]
#324695 - 04/15/14 06:03 AM
|
|
|
> I've been trying out KeePass but can't figure something out. > > I want to use a specific file as an unlock key, but after picking it out, the program > asks me if I want to overwrite the unlock key. > > Wouldn't that uh, destroy the unlock key or is there something I'm missing?
I've got it set up with a password, I haven't used an unlock key in a long time. As far as I know, though, the way it works is: you generate the key file once when you set up the database. Then when you open the database, you just point it to the file and KeePass reads it. If it's asking you to overwrite the key file when you open the database, I'm not sure what's going on.
|
|
|
Foxhack |
Furry guy
|
|
|
Reged: 01/30/04
|
Posts: 2409
|
Loc: Spicy Canada
|
|
Send PM
|
|
|
Re: OK, so... everyone needs to change all the passwords for everything now. Right? (nt)
[Re: DMala]
#324701 - 04/15/14 06:56 AM
|
|
|
> > I've been trying out KeePass but can't figure something out. > > > > I want to use a specific file as an unlock key, but after picking it out, the > program > > asks me if I want to overwrite the unlock key. > > > > Wouldn't that uh, destroy the unlock key or is there something I'm missing? > > I've got it set up with a password, I haven't used an unlock key in a long time. As > far as I know, though, the way it works is: you generate the key file once when you > set up the database. Then when you open the database, you just point it to the file > and KeePass reads it. If it's asking you to overwrite the key file when you open the > database, I'm not sure what's going on.
It's asking me if I want to overwrite the key file when I -create- a new database.
|
|
|