http://blog.twitch.tv/2015/03/important-notice-about-your-twitch-account/
if you use your twitch password on any other site, change it asap. you will be forced to change your twitch password on next login. more info can be found in the blog post.
twitch possibly compromised
posted in
Off Topic
http://blog.twitch.tv/2015/03/important-notice-about-your-twitch-account/
if you use your twitch password on any other site, change it asap. you will be forced to change your twitch password on next login. more info can be found in the blog post.
if you use your twitch password on any other site, change it asap. you will be forced to change your twitch password on next login. more info can be found in the blog post.
already found it strange that twitch asked me to reset my password. now i know why, thx
already found it strange that twitch asked me to reset my password. now i know why, thx
For some reason you have to put in a really really strong password before it will let you set a new one.
Edit:If it says it is still weak you will not be able to set one but it it says it is so-so then you be good.
For some reason you have to put in a really really strong password before it will let you set a new one.
Edit:If it says it is still weak you will not be able to set one but it it says it is so-so then you be good.
Edit:If it says it is still weak you will not be able to set one but it it says it is so-so then you be good.
how bad are your passwords that it's stuck on weak............
how bad are your passwords that it's stuck on weak............
Foxhow bad are your passwords that it's stuck on weak............
LOL^^ for real...
[quote=Fox]how bad are your passwords that it's stuck on weak............[/quote]
LOL^^ for real...
LOL^^ for real...
I used my weakest throwaway password on Twitch and keep forgetting to change it. Thank god for laziness.
I used my weakest throwaway password on Twitch and keep forgetting to change it. Thank god for laziness.
I forgot my twitch password so this is probably a good thing for me
I forgot my twitch password so this is probably a good thing for me
All 3 of the passwords I use are labeled very weak. lol
All 3 of the passwords I use are labeled very weak. lol
i don't think its so much about the password being weak, i got the email as well and i always had a strong password
we believe it’s possible that your password could have been captured in clear text by malicious code when you logged into our site on March 3rd.
i don't think its so much about the password being weak, i got the email as well and i always had a strong password
[quote]we believe it’s possible that your password could have been captured in clear text by malicious code when you logged into our site on March 3rd.[/quote]
[quote]we believe it’s possible that your password could have been captured in clear text by malicious code when you logged into our site on March 3rd.[/quote]
If you're getting that message your password is just too similar to your old password. I removed a character and it suddenly became strong, lol.
If you're getting that message your password is just too similar to your old password. I removed a character and it suddenly became strong, lol.
smoboIf you're getting that message your password is just too similar to your old password. I removed a character and it suddenly became strong, lol.
I set my password to what it was before and I didn't get that message.
[quote=smobo]If you're getting that message your password is just too similar to your old password. I removed a character and it suddenly became strong, lol.[/quote]
I set my password to what it was before and I didn't get that message.
I set my password to what it was before and I didn't get that message.
if u type password in post it puts in asterisk
look ************
if u type password in post it puts in asterisk
look ************
look ************
twitch got no chill i got my phone number phished lmao
twitch got no chill i got my phone number phished lmao
weak passwords for accounts u dont give a fuck about
its more convenient
abc123
weak passwords for accounts u dont give a fuck about
its more convenient
abc123
its more convenient
abc123
I don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?
And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?
I don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?
And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?
And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?
zigzterI don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?
And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?
You still have to worry about brute forcing. Some people make it extremely easy and just use a single word, maybe a number as well. Although now this is getting harder to do thanks to sites starting to lock accounts after x login attempts.
Also, if a person uses the same password on all sites, and one site's password database is compromised and cracked, then someone could get into all accounts belonging to that person.
I'm not a security expert either, but this is what I'm understanding.
[quote=zigzter]I don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?
And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?[/quote]
You still have to worry about brute forcing. Some people make it extremely easy and just use a single word, maybe a number as well. Although now this is getting harder to do thanks to sites starting to lock accounts after x login attempts.
Also, if a person uses the same password on all sites, and one site's password database is compromised and cracked, then someone could get into all accounts belonging to that person.
I'm not a security expert either, but this is what I'm understanding.
And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?[/quote]
You still have to worry about brute forcing. Some people make it extremely easy and just use a single word, maybe a number as well. Although now this is getting harder to do thanks to sites starting to lock accounts after x login attempts.
Also, if a person uses the same password on all sites, and one site's password database is compromised and cracked, then someone could get into all accounts belonging to that person.
I'm not a security expert either, but this is what I'm understanding.
zigzterI don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?
And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?
They either cross-reference the hashes against other plaintext leaks or use rainbow tables (which is essentially an optimized brute-force method). If your password is strong enough, they won't be able "break it" (i.e. find a match for its hash).
[quote=zigzter]I don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?
And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?[/quote]
They either cross-reference the hashes against other plaintext leaks or use rainbow tables (which is essentially an optimized brute-force method). If your password is strong enough, they won't be able "break it" (i.e. find a match for its hash).
And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?[/quote]
They either cross-reference the hashes against other plaintext leaks or use rainbow tables (which is essentially an optimized brute-force method). If your password is strong enough, they won't be able "break it" (i.e. find a match for its hash).
MasterKunizigzterI don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?
And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?
They either cross-reference the hashes against other plaintext leaks or use rainbow tables (which is essentially an optimized brute-force method). If your password is strong enough, they won't be able "break it" (i.e. find a match for its hash).
We can also hope that Twitch used some kind of a salt which would make it more useless :)
[quote=MasterKuni][quote=zigzter]I don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?
And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?[/quote]
They either cross-reference the hashes against other plaintext leaks or use rainbow tables (which is essentially an optimized brute-force method). If your password is strong enough, they won't be able "break it" (i.e. find a match for its hash).[/quote]
We can also hope that Twitch used some kind of a salt which would make it more useless :)
And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?[/quote]
They either cross-reference the hashes against other plaintext leaks or use rainbow tables (which is essentially an optimized brute-force method). If your password is strong enough, they won't be able "break it" (i.e. find a match for its hash).[/quote]
We can also hope that Twitch used some kind of a salt which would make it more useless :)
MasterKunizigzterI don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?
And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?
They either cross-reference the hashes against other plaintext leaks or use rainbow tables (which is essentially an optimized brute-force method). If your password is strong enough, they won't be able "break it" (i.e. find a match for its hash).
No, Rainbow Tables are giant lists or plaintext passwords and their equivalent hashes. You just search by hash to find the plaintext password for the hash you have. (so basically what you said first)
[quote=MasterKuni][quote=zigzter]I don't know anything (relatively) about web security, but don't most passwords get stolen by somehow getting to where they're stored and then decrypting them?
And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?[/quote]
They either cross-reference the hashes against other plaintext leaks or use rainbow tables (which is essentially an optimized brute-force method). If your password is strong enough, they won't be able "break it" (i.e. find a match for its hash).[/quote]
No, Rainbow Tables are giant lists or plaintext passwords and their equivalent hashes. You just search by hash to find the plaintext password for the hash you have. (so basically what you said first)
And if that's the case, what's the point in having really long/complicated passwords? Wouldn't hashing them make each one equally hard to crack?[/quote]
They either cross-reference the hashes against other plaintext leaks or use rainbow tables (which is essentially an optimized brute-force method). If your password is strong enough, they won't be able "break it" (i.e. find a match for its hash).[/quote]
No, Rainbow Tables are giant lists or plaintext passwords and their equivalent hashes. You just search by hash to find the plaintext password for the hash you have. (so basically what you said first)
Please
sign in through STEAM
to post a comment.