View Full Version : Waffles security alert.



smcewa11
04-08-2009, 03:09 AM
From the site:

***
We believe our database may have been potentially compromised. Although the passwords are strongly encrypted, to be on the safe side, we still suggest all users change their passwords.

Edit: Just a heads up, we plugged the hole that allowed this to happen.
***

cinephilia
04-08-2009, 03:40 AM
Edit 2: It is advisable to change your passkeys - you can now do this yourselves (for a limited time) in your profile.

redMonster
04-08-2009, 03:42 AM
wtf I use the same password on all sites. :(

cinephilia
04-08-2009, 03:56 AM
wtf I use the same password on all sites. :(
same here except that i also use them for ebay, hotmail and paypal :fear:

RedRansom
04-08-2009, 06:47 AM
I dont know exactly my pass on trackers:unsure:

Charger
04-08-2009, 07:04 AM
Good I changed my password a while back, else I also use the same password on all sites :)

Rigel9
04-08-2009, 07:34 AM
I use different random passwords like dfkKDs53-83kKJNzAQa3Fa-2didj on every site, so whatever...

roger200
04-08-2009, 10:22 AM
https://addons.mozilla.org/en-US/firefox/addon/2848

allows me to use more passwords, and is great for re-installations.

yayyyyyy
04-08-2009, 10:44 AM
same password on all sites IS NOT A PROBLEM.

1st: passwords are not encrypted... passwords are HASHED.... (lol@waffles staff talking about encryption...)

2nd: all the sites use different HASH salts.... so even if you got your HASH stolen from one site it cannot be used to login into another site ;)
because same password still means different hashes :)

also lately most sites are allowing login only from specific ips and you need to recreate the cookie if you change the ip ;)

the biggest problem instead is the PASSKEY... the only site I know that wouldn't suffer the passkey problem is GFT (where you need to be either logged in with the ip you want to use, or specify which ip you want to use to connect to the tracker manually)

Stranger99
04-08-2009, 10:50 AM
https://addons.mozilla.org/en-US/firefox/addon/2848

allows me to use more passwords, and is great for re-installations.

never trust unsecured addons for passwords Foxmarks pissed me off once

yayyyyyy
04-08-2009, 10:53 AM
https://addons.mozilla.org/en-US/firefox/addon/2848

allows me to use more passwords, and is great for re-installations.

ehm... when you reinstall you just need to copy the whole firefox profile... and all sessions, cookies, history, passwords, form datas, extensions, configs and everything is kept intact -_-

I suggest you to use keepass safe to generate and store securely random passwords.....
http://keepass.info/

abosamer
04-08-2009, 11:34 AM
wtf I use the same password on all sites. :(
same here except that i also use them for ebay, hotmail and paypal :fear:


U shouldn't say that in public ;)

Rigel9
04-08-2009, 01:14 PM
I suggest you to use keepass safe to generate and store securely random passwords.....
http://keepass.info/

If you use OSX you should try 1Password (http://agilewebsolutions.com/products/1Password), also works on the iPhone.

BOOM
04-08-2009, 01:40 PM
just changed mine :\

ty

LubTheStaringCat
04-08-2009, 02:01 PM
wtf I use the same password on all sites. :(

That's courting disaster In the waiting, I would consider changing a few of them.

Col. Skillz
04-08-2009, 02:09 PM
yeah, it is NOT safe to use the same password for every site. That is just wrong, the first thing a criminal will do once he's got your password is try it out on all your accounts.

Read this (http://www.microsoft.com/protect/yourself/password/checker.mspx), and act accordingly. With things like ebay, paypal and online banking, you can't take those risks.

Not to mention if you ever do get compromised, you're going to worry over it and/or change your password for every site you've got.
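
The two points argued above (per-site salts give different hashes for the same password; a password learned from one site gets tried on the others), as an added example that is not part of any post in this thread. It assumes PBKDF2-HMAC-SHA256 and a constructed four-entry guess list; the thread does not say what scheme any site uses.

```python
import hashlib
import hmac
import os
import secrets

ITERATIONS = 100_000  # assumption: PBKDF2-HMAC-SHA256; the thread names no site's actual scheme
COMMON = ["123456", "password", "letmein", "qwerty"]  # constructed guess list

def make_record(password):
    """What a site stores per user: a fresh random salt plus the salted hash."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "hash": digest}

def verify(password, record):
    """Login check: re-derive with the stored salt, compare in constant time."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), record["salt"], ITERATIONS)
    return hmac.compare_digest(digest, record["hash"])

def first_guessable(record, candidates):
    """Return the first listed password matching a leaked record, else None."""
    for candidate in candidates:
        if verify(candidate, record):
            return candidate
    return None

def reuse_report(password, candidates=COMMON):
    """Model one password reused on two sites, the first of which leaks its record."""
    site_a = make_record(password)   # the breached site
    site_b = make_record(password)   # another site, same password reused
    recovered = first_guessable(site_a, candidates)
    return {
        "hashes_differ": site_a["hash"] != site_b["hash"],
        "recovered_from_a": recovered,
        "accepted_by_b": recovered is not None and verify(recovered, site_b),
    }

if __name__ == "__main__":
    print(reuse_report("letmein"))                   # common password, reused
    print(reuse_report(secrets.token_urlsafe(20)))   # long random password
```

The salt makes the two stored hashes differ, so the leaked hash value itself is useless at the second site; what carries over is the password, and only when it is guessable enough to be matched against the leaked record.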

Paracetamol
04-09-2009, 06:22 AM
yeah, it is NOT safe to use the same password for every site.

It's hilarious to see someone get royally screwed by their own ignorance, though.

Stellar
04-09-2009, 07:59 AM
That seriously freaked me out at first. I hope the staff manages to figure everything out... they probably will.

lol @ using the same passwords on every site. Sorry but that's basically asking for it.

manu1991
04-09-2009, 08:21 AM
wtf I use the same password on all sites. :(
same here except that i also use them for ebay, hotmail and paypal :fear:
It's best to have 2 passwords, one normal, easy to remember, to use on unimportant forums, spammish sites, demonoid like trackers etc and one random, strong pass to use only for internet banking, very high level trackers etc

lysine
04-09-2009, 08:55 AM
It's best to have 2 passwords, one normal, easy to remember, to use on unimportant forums, spammish sites, demonoid like trackers etc and one random, strong pass to use only for internet banking, very high level trackers etc

from earlier in the thread...


I suggest you to use keepass safe to generate and store securely random passwords.....
http://keepass.info/

use a long (but easily remembered) keyphrase for the keepass database and let it generate and store the passwords you use on the web. it makes no sense to use weak passwords on any site on the internet.

jason1337
04-09-2009, 09:49 AM
I use different random passwords like dfkKDs53-83kKJNzAQa3Fa-2didj on every site, so whatever...

now WE know! :shifty:

Stellar
04-09-2009, 11:39 AM
same here except that i also use them for ebay, hotmail and paypal :fear:
It's best to have 2 passwords, one normal, easy to remember, to use on unimportant forums, spammish sites, demonoid like trackers etc and one random, strong pass to use only for internet banking, very high level trackers etc
Honestly it's best practice to use a different password for every site. Two passwords only is still way too risky. I'd never use the same password for a torrent tracker that I use on my bank account.

Using random, complex passwords for every site and KeePass to store them is an excellent thing to do.

harshytkage
04-09-2009, 11:43 AM
You know...the thing about a different pass on every site is-
Easier said than done
For muddlebrainz like me anyways....damn you waffle staff member!

cinephilia
04-09-2009, 01:13 PM
same here except that i also use them for ebay, hotmail and paypal :fear:
It's best to have 2 passwords, one normal, easy to remember, to use on unimportant forums, spammish sites, demonoid like trackers etc and one random, strong pass to use only for internet banking, very high level trackers etc
come on, i was joking..

sear
04-09-2009, 02:40 PM
wtf I use the same password on all sites. :(

That's courting disaster In the waiting, I would consider changing a few of them.

I would consider using a different password on EVERY site. Honestly look through this forum at all the hacking dramas that have happened over the years. This isn't the first time a torrent DB has been compromised.

Some sites are even stupid enough/malicious enough to not hash the passwords and keep them in plain text. Only a few torrent sites are actually secure and hack proof so your pass is vulnerable. Even if the pass is hashed who's to say someone isn't logging them as you type them in at the login page (yes it's happened before).

If some fucker manages to get hold of one of your passwords believe me the first thing he'll do is hack all of your accounts and your email.

Honestly just write them on a .txt file and put them somewhere safe. Using the same password is madness, particularly if you become a well known member of the BT community.

cinephilia
04-09-2009, 02:52 PM
Honestly just write them on a .txt file and put them somewhere safe.
or you can always store them with a soft like Password Memory.

bilkenter
04-09-2009, 03:02 PM
I always write trackers pass on a piece of paper and pin it on my board

manu1991
04-10-2009, 07:01 AM
from earlier in the thread...


I suggest you to use keepass safe to generate and store securely random passwords.....
http://keepass.info/

use a long (but easily remembered) keyphrase for the keepass database and let it generate and store the passwords you use on the web. it makes no sense to use weak passwords on any site on the internet.
On your PC, keepass is fine, but how the hell am I supposed to use it on my phone / psp / laptop / public computers? Do I carry a flash drive with the passkey everywhere? I'd rather not

Thatsgreat
04-10-2009, 12:54 PM
What a shame, a former staff member is acting stupid :/

Not the first time though.

manu1991
04-10-2009, 02:29 PM
It's best to have 2 passwords, one normal, easy to remember, to use on unimportant forums, spammish sites, demonoid like trackers etc and one random, strong pass to use only for internet banking, very high level trackers etc
come on, i was joking..
Sarcasm is a bitch :lol:

Der0
04-10-2009, 02:46 PM
I changed my password although i think it is nothing serious.

lisabritpop
04-10-2009, 08:40 PM
i've changed my password and passkey ~~~~

LubTheStaringCat
04-10-2009, 11:19 PM
That's courting disaster In the waiting, I would consider changing a few of them.

I would consider using a different password on EVERY site. Honestly look through this forum at all the hacking dramas that have happened over the years. This isn't the first time a torrent DB has been compromised.

Some sites are even stupid enough/malicious enough to not hash the passwords and keep them in plain text. Only a few torrent sites are actually secure and hack proof so your pass is vulnerable. Even if the pass is hashed who's to say someone isn't logging them as you type them in at the login page (yes it's happened before).

If some fucker manages to get hold of one of your passwords believe me the first thing he'll do is hack all of your accounts and your email.

Honestly just write them on a .txt file and put them somewhere safe. Using the same password is madness, particularly if you become a well known member of the BT community.


You will get the odd moron that will read this and not pay one blind bit of notice, thinking this will never happen to me.

On a personal note, I do have a text file with passwords, and well hidden.
I'm not stupid enough to keep passwords all the same.

0Ri0N
04-10-2009, 11:35 PM
password and passkey changed! Thanks for the heads up guys! :)

DV8type
04-11-2009, 12:13 AM
That's courting disaster In the waiting, I would consider changing a few of them.

I would consider using a different password on EVERY site. Honestly look through this forum at all the hacking dramas that have happened over the years. This isn't the first time a torrent DB has been compromised.

Some sites are even stupid enough/malicious enough to not hash the passwords and keep them in plain text. Only a few torrent sites are actually secure and hack proof so your pass is vulnerable. Even if the pass is hashed who's to say someone isn't logging them as you type them in at the login page (yes it's happened before).

If some fucker manages to get hold of one of your passwords believe me the first thing he'll do is hack all of your accounts and your email.

Honestly just write them on a .txt file and put them somewhere safe. Using the same password is madness, particularly if you become a well known member of the BT community.

WORD! Amazing how people just don't seem to get it. If they got access to the full DB then your emails and IPs are also known. I wouldn't doubt seeing this pop up around the net in the next few days
:dabs:

sear
04-11-2009, 12:48 AM
Indeed it's a shame but it seems to happen again and again, and there's never a shortage of people who don't learn and get caught up in it.

orygun
04-11-2009, 03:33 AM
There are password manager applications which are databases that automatically create and manage complex passwords for your internet logons. They even log you on automatically to your torrent sites or bank accounts or whatever and are completely configurable. I use 1password for Mac but I know there are a few PC apps that also do this.

TheRatFink
04-11-2009, 05:15 AM
I use roboform for all my passwords and keep them on a flash on my keyring. roboform has a password generator too, pretty convenient.