Printable View
From the site:
***
We believe our database may have been potentially compromised. Although the passwords are strongly encrypted, to be on the safe side, we still suggest all users change their passwords.
Edit: Just a heads up, we plugged the hole that allowed this to happen.
***
Edit 2: It is advisable to change your passkeys - you can now do this yourselves (for a limited time) in your profile.
wtf I use the same password on all sites. :(
same here except that i also use them for ebay, hotmail and paypal :fear:Quote:
Originally Posted by redMonster
I dont know exactly my pass on trackers:unsure:
Good I changed my password a while back, else I also use the same password on all sites :)
I use different random passwords like dfkKDs53-83kKJNzAQa3Fa-2didj on every site, so whatever...
https://addons.mozilla.org/en-US/firefox/addon/2848
allows me to use more passwords, and is great for re-installations.
same password on all sites IS NOT A PROBLEM.
1st: passwords are not encrypted... passwords are HASHED.... (lol@waffles staff talking about encryption...)
2nd: all the sites use different HASH salts.... so even if you got your HASH stolen from one site it cannot be used to login into another site ;)
becouse same password still means different hashes :)
also lately most sites are allowing login only from specific ips and you need to recreate the cookie if you change the ip ;)
a biggest problem instead is the PASSKEY... the only site I know that wouldn't suffer the passkey problem is GFT (where you need to be either logged in with the ip you want to use, or specify wich ip you want to use to connect to the tracker manually)
never trust unsecured addons for passwords Foxmarks pissed me off onceQuote:
Originally Posted by roger200
ehm... when you reinstall you just need to copy the whole firefox profile... and all sessions, cookies, history, passwords, form datas, extensions, configs and everything is kept intact -_-Quote:
Originally Posted by roger200
I suggest you to use keepass safe to generate and store securely random passwords.....
http://keepass.info/
Quote:
Originally Posted by cinephiliasame here except that i also use them for ebay, hotmail and paypal :fear:Quote:
Originally Posted by redMonster
U shouldn't say that in public ;)
If you use OSX you should try 1Password, also works on the iPhone.Quote:
Originally Posted by yayyyyyy
just changed mine :\
ty
That's courting disaster In the waiting, I would consider changing a few of them.Quote:
Originally Posted by redMonster
yeah, it is NOT safe to use the same password for every site. That is just wrong, the first thing a criminal will do once he's got your password is try it out on all your accounts.
Read this, and act accordingly. with things like ebay paypal and online banking, you cant take those risks.
Not to mention if you ever do get compromised, you're going to worry over it and/or change your password for every site you've got.
It's hilarious to see someone get royally screwed by their own ignorance, though.Quote:
Originally Posted by Col. Skillz
That seriously freaked me out at first. I hope the staff manages figure everything out... they probably will.
lol @ using the same passwords on every site. Sorry but that's basically asking for it.
Its best to have 2 passwords , one normal easy to remember to use on unimportant forums , spammish sites , demonoid like trackers etc and one random , strong pass to use only for internet banking , very high level trackers etcQuote:
Originally Posted by cinephiliasame here except that i also use them for ebay, hotmail and paypal :fear:Quote:
Originally Posted by redMonster
from earlier in the thread...Quote:
Originally Posted by manu1991
use a long (but easily remembered) keyphrase for the keepass database and let it generate and store the passwords you use on the web. it makes no sense to use weak passwords on any site on the internet.Quote:
Originally Posted by yayyyyyy
now WE know! :shifty:Quote:
Originally Posted by Rigel9
Honestly it's best practice to use a different password for every site. Two passwords only is still way to risky. I'd never use the same password for a torrent tracker that I use on my bank account.Quote:
Originally Posted by manu1991Its best to have 2 passwords , one normal easy to remember to use on unimportant forums , spammish sites , demonoid like trackers etc and one random , strong pass to use only for internet banking , very high level trackers etcQuote:
Originally Posted by cinephilia
Using random, complex passwords for every site and KeePass to store them is an excellent thing to do.
You know...the thing about a different pass on every site is-
Easier said than done
For muddlebrainz like me anyways....damn you waffle staff memeber!
come on, i was joking..Quote:
Originally Posted by manu1991Its best to have 2 passwords , one normal easy to remember to use on unimportant forums , spammish sites , demonoid like trackers etc and one random , strong pass to use only for internet banking , very high level trackers etcQuote:
Originally Posted by cinephilia
I would consider using a different password on EVERY site. Honestly look through this forum at all the hacking dramas that have happened over the years. This isn't the first time a torrent DB has been compromised.Quote:
Originally Posted by forcusThat's courting disaster In the waiting, I would consider changing a few of them.Quote:
Originally Posted by redMonster
Some sites are even stupid enough/malicious enough to not hash the passwords and keep them in plain text. Only a few torrent sites are actually secure and hack proof so your pass is vulnerable. Even if the pass is hashed who's to say someone isn't logging them as you type them in at the login page (yes it's happened before).
If some fucker manages to get hold of one of your passwords believe me the first thing he'll do is hack all of your accounts and your email.
Honestly just write them on a .txt file and put them somewhere safe. Using the same password is madness, particularly if you become a well known member of the BT community.
or you can always store them with a soft like Password Memory.Quote:
Originally Posted by sear
I always write trackers pass on a piece of paper and pin it on my board
On your PC , keepass is fine , but how the hell am i supposed to use it on my phone / psp / laptop / public computers . do i carry a flash drive with the passkey everywhere ? id rather notQuote:
Originally Posted by lysinefrom earlier in the thread...
use a long (but easily remembered) keyphrase for the keepass database and let it generate and store the passwords you use on the web. it makes no sense to use weak passwords on any site on the internet.Quote:
Originally Posted by yayyyyyy
What a shame, a former staff member is acting stupid :/
Not the first time though.
Sarcasm is a bitch :lol:Quote:
Originally Posted by cinephiliacome on, i was joking..Quote:
Originally Posted by manu1991
I changed my password although i think it is nothing serious.
i've changed my password and passkey ~~~~
Quote:
Originally Posted by searI would consider using a different password on EVERY site. Honestly look through this forum at all the hacking dramas that have happened over the years. This isn't the first time a torrent DB has been compromised.Quote:
Originally Posted by forcus
Some sites are even stupid enough/malicious enough to not hash the passwords and keep them in plain text. Only a few torrent sites are actually secure and hack proof so your pass is vulnerable. Even if the pass is hashed who's to say someone isn't logging them as you type them in at the login page (yes it's happened before).
If some fucker manages to get hold of one of your passwords believe me the first thing he'll do is hack all of your accounts and your email.
Honestly just write them on a .txt file and put them somewhere safe. Using the same password is madness, particularly if you become a well known member of the BT community.
You will get the odd moron that will read this and not pay one blind bit of notice, thinking this will never happen to me.
On a personal note, I do have a text file with passwords, and well hidden.
I'm not stupid enough to keep passwords all the same.
password and passkey changed! Thanks for the heads up guys! :)
WORD! Amazing how people just dont seem to get it. If they got access to the full DB then your emails and IPs are also known. I wouldnt doubt seeing this pop up around the net in the next few daysQuote:
Originally Posted by searI would consider using a different password on EVERY site. Honestly look through this forum at all the hacking dramas that have happened over the years. This isn't the first time a torrent DB has been compromised.Quote:
Originally Posted by forcus
Some sites are even stupid enough/malicious enough to not hash the passwords and keep them in plain text. Only a few torrent sites are actually secure and hack proof so your pass is vulnerable. Even if the pass is hashed who's to say someone isn't logging them as you type them in at the login page (yes it's happened before).
If some fucker manages to get hold of one of your passwords believe me the first thing he'll do is hack all of your accounts and your email.
Honestly just write them on a .txt file and put them somewhere safe. Using the same password is madness, particularly if you become a well known member of the BT community.
:dabs:
Indeed it's a shame but it seems to happen again and again, and there's never a shortage of people who don't learn and get caught up in it.
There is password manager applications which are databases that automatically create and manage complex passwords for your internet logons. They even log you on automatically to your torrent sites or bank accounts or whatever and are completely configurable. I use 1password for Mac but I know there is a few PC apps that also do this.
i use roboform for all my passwords and keep them on a flash on my keyring. roboform has a password generator to, pretty conveinient.