Lyrics & Knowledge Personal Pages Record Shop Auction Links Radio & Media Kids Membership Help
The Mudcat Cafesj

Post to this Thread - Sort Descending - Printer Friendly - Home


Tech: Security breach?

Dave the Gnome 25 Feb 24 - 09:24 AM
Stilly River Sage 25 Feb 24 - 11:07 AM
DaveRo 25 Feb 24 - 11:12 AM
Dave the Gnome 25 Feb 24 - 12:26 PM
Stilly River Sage 25 Feb 24 - 12:39 PM
Dave the Gnome 25 Feb 24 - 01:05 PM
DaveRo 25 Feb 24 - 01:24 PM
Stilly River Sage 25 Feb 24 - 01:26 PM
Dave the Gnome 25 Feb 24 - 01:37 PM
GUEST,.gargoyle 25 Feb 24 - 10:20 PM
Joe Offer 26 Feb 24 - 12:26 AM
Dave the Gnome 26 Feb 24 - 03:28 AM
MaJoC the Filk 26 Feb 24 - 09:37 AM
Share Thread
more
Lyrics & Knowledge Search [Advanced]
DT  Forum Child
Sort (Forum) by:relevance date
DT Lyrics:




Subject: Tech: Security breach?
From: Dave the Gnome
Date: 25 Feb 24 - 09:24 AM

I have only just started to monoitor security via Google 1 so apologies if this has been asked before but this came up -

mudcat.org

Your info was in a data breach and found on the dark web on 3 Dec 2020
Monitoring profile info was found

Info that you put in your monitoring profile matched info found in this data breach.
Email

dpolshaw@******.com

dpolshaw@******.com

Other info was found that isn't in your monitoring profile

Other info was found on the dark web alongside the info in your monitoring profile. The full details are hidden in case this info isn't yours.
Password

b••••

B••••

Do I need to do anything but changethe password?

Post - Top - Home - Printer Friendly - Translate
Subject: RE: Tech: Security breach?
From: Stilly River Sage
Date: 25 Feb 24 - 11:07 AM

Last week I got a message like that from a monitoring program (free for members of AAA) that has my phone number, supposedly found on the "dark web." The rest of the content with it is the same name I've seen for years, some guy seems to give my phone number as his and I get calls from people wanting to collect his debts, wanting to buy his house, wanting to do many things that are tied to his misbehavior.

I've also seen them regarding my main email address, and as you suggest, I changed the password. There really isn't much else you can do.

Post - Top - Home - Printer Friendly - Translate
Subject: RE: Tech: Security breach?
From: DaveRo
Date: 25 Feb 24 - 11:12 AM

This one?
Cit0day (unverified): In November 2020, a collection of more than 23,000 allegedly breached websites known as Cit0day were made available for download on several hacking forums. The data consisted of 226M unique email address alongside password pairs, often represented as both password hashes and the cracked, plain text versions. Independent verification of the data established it contains many legitimate, previously undisclosed breaches. The data was provided to HIBP by dehashed.com.

Compromised data: Email addresses, Passwords
Me too. If your password looks like that and you think someone might impersonate you, then change it.

Take a look at Have I been pwned?

Post - Top - Home - Printer Friendly - Translate
Subject: RE: Tech: Security breach?
From: Dave the Gnome
Date: 25 Feb 24 - 12:26 PM

Where do I change my Mudcat password then?

Post - Top - Home - Printer Friendly - Translate
Subject: RE: Tech: Security breach?
From: Stilly River Sage
Date: 25 Feb 24 - 12:39 PM

The point is did you reuse that password anywhere else? You can write to Joe@mudcat.org about changing your password at Mudcat, but you may have to check your records if it is in use other places because if someone is determined to crack any of your accounts, a hacker testing them with a known password is the fastest way for it to happen.

Post - Top - Home - Printer Friendly - Translate
Subject: RE: Tech: Security breach?
From: Dave the Gnome
Date: 25 Feb 24 - 01:05 PM

No - It was a poor password but only used here. Doesn't it defeat the security objective to ask someone else to set up a passoord for you?!?!

Post - Top - Home - Printer Friendly - Translate
Subject: RE: Tech: Security breach?
From: DaveRo
Date: 25 Feb 24 - 01:24 PM

Also, how would Joe know it's really you?

Post - Top - Home - Printer Friendly - Translate
Subject: RE: Tech: Security breach?
From: Stilly River Sage
Date: 25 Feb 24 - 01:26 PM

Well, we used to be able to do it ourselves and ended up with hundreds of The Mudcat Troll's fake accounts that he used to stalk and torment people. Study of the patterns used by that individual revealed that he reused 3 or 4 passwords so they were all tracked down and the fake accounts were out.

Dreadful days, those were. It's better now.

Post - Top - Home - Printer Friendly - Translate
Subject: RE: Tech: Security breach?
From: Dave the Gnome
Date: 25 Feb 24 - 01:37 PM

I think I'll leave it for now but if someone else logs in as me I hope someone lets me know!

Post - Top - Home - Printer Friendly - Translate
Subject: RE: Tech: Security breach?
From: GUEST,.gargoyle
Date: 25 Feb 24 - 10:20 PM

Do NOT visit, even accidently, Russian porn places.

Sincerely,
Gargoyle

Some of the silk lingerie ads posted as "pop-ups" on Mudcat are quite provocative ... unfortunately they are never my size.

Post - Top - Home - Printer Friendly - Translate
Subject: RE: Tech: Security breach?
From: Joe Offer
Date: 26 Feb 24 - 12:26 AM

I get a lot of reports of compromised Mudcat passwords. Usually, the member has a number of compromised passwords reported at the same time. I don't really know how terrible it is to have a Mudcat password compromised. Mudcat's password system is like a lock on a bathroom door - it's fairly easy to get past, but who'd bother? Most people don't want to see you pooping anyhow. Our password system gives a modest amount of security, but it's not enough to protect financial transactions or other things you want to keep secret. We're a folk music discussion forum, not Fort Knox. You should not be keeping your darkest secrets here.
But if you want to change your password or update your contact information, email me and tell me what you want for your new password, and I'll change it for you. One guy got all upset about that because that meant I knew his password. He left in a huff, and I haven't heard of his since.
Oh, and if you forgot your password, our automatic password sender rarely works. Email me, and I'll send you your password. DaveRo asks how I know who people are. Well, I've been here 25 years and I usually know.
Joe Offer
joe@mudcat.org

Post - Top - Home - Printer Friendly - Translate
Subject: RE: Tech: Security breach?
From: Dave the Gnome
Date: 26 Feb 24 - 03:28 AM

Yea, like you say, who cares! I only use this password here so it doesn't compromise anything else. One thing I must point out though. I know that someone has been banned for sharing their login details as I am still in touch with him. If anyone's password is compromised here, you could get multiple people logging in with the same ID. How will you prevent that?

Post - Top - Home - Printer Friendly - Translate
Subject: RE: Tech: Security breach?
From: MaJoC the Filk
Date: 26 Feb 24 - 09:37 AM

Warning from history: I remember reading, many years ago, of one chap who had a super-unbreakable password which he was requested and required to use for sensitive logins (possibly NSA-sensitive). One day, he tried his magic password on a password-strength program, which said: "Bingo: that password is well-known." Turns out he'd used his super-unbreakable password on a talker, and that the talker's owner, who also happened to write the password test program, had tipped the talker's password file (kept in plain text) into the tester's list of well-known passwords.

Post - Top - Home - Printer Friendly - Translate
  Share Thread:
More...
Reply to Thread
Subject:  Help
From:
Preview   Automatic Linebreaks   Make a link ("blue clicky")

Mudcat time: 17 May 2:02 AM EDT

[ Home ]

All original material is copyright © 2022 by the Mudcat Café Music Foundation. All photos, music, images, etc. are copyright © by their rightful owners. Every effort is taken to attribute appropriate copyright to images, content, music, etc. We are not a copyright resource.