• Your account could be compromised.
    1,182 replies, posted
FUCK i am on the list and my password is noobie... fuck...... this must mean.... i am a dumb nigger [highlight](User was permabanned for this post ("Compromised" - postal))[/highlight]
[QUOTE=BlackDeath292;30715216]FUCK i am on the list and my password is noobie... fuck...... this must mean.... i am a dumb nigger[/QUOTE] Compromised account! P-Ban him!
Good thing I played BF:H on a junk email account.
[QUOTE=BlackDeath292;30715216]FUCK i am on the list and my password is noobie... fuck...... this must mean.... i am a dumb nigger[/QUOTE] haha well done
I'm not in the list (I think). But I checked and I found many user in the list: goon165 - Sparkwire - mastermaul - Reds - Jetamo - Zebus - Cajun NOT GOOD! I found others in the list: Nyaa - venom - Region
[QUOTE=TehWhale;30715175]showing companies how shit their security is[/QUOTE] Everybody already knows that. They don't need to tell the entire world what a bunch of random slob's passwords are.
[QUOTE=PvtCupcakes;30715240]Everybody already knows that. They don't need to tell the entire world what a bunch of random slob's passwords are.[/QUOTE]Maybe they should fix their shit so this doesn't happen? Who the fuck doesn't salt their passwords or stores passwords in plaintext?
Wait, there was more leaks than just the BF:H one?
[QUOTE=TehWhale;30715253]Maybe they should fix their shit so this doesn't happen? Who the fuck doesn't salt their passwords or stores passwords in plaintext?[/QUOTE] Please enlighten me, what does it mean to "salt" a password?
[QUOTE=Ardosos;30715270]Please enlighten me, what does it mean to "salt" a password?[/QUOTE] Make them tastier?
[QUOTE=triFeral;30715268]Wait, there was more leaks than just the BF:H one?[/QUOTE] Yes...
[QUOTE=triFeral;30715268]Wait, there was more leaks than just the BF:H one?[/QUOTE] Yes but the main one is the BF:H leak right now.
Wait... I used the checker thing and it said my username is in the database.... Does that mean I have to change my passwords to everything?
[QUOTE=Ardosos;30715270]Please enlighten me, what does it mean to "salt" a password?[/QUOTE] [quote]In cryptography, a salt consists of random bits, creating one of the inputs to a one-way function. The other input is usually a password or passphrase. The output of the one-way function can be stored rather than the password, and still be used for authenticating users. The one-way function typically uses a cryptographic hash function. A salt can also be combined with a password by a key derivation function such as PBKDF2 to generate a key for use with a cipher or other cryptographic algorithm. In a typical usage for password authentication, the salt is stored along with the output of the one-way function, sometimes along with the number of iterations to be used in generating the output (for key stretching). Early Unix systems used a 12-bit salt, but modern implementations use larger lengths from 48 to 128 bits. Salt is closely related to the concept of nonce. The benefit provided by using a salted password is rendering a lookup table assisted dictionary attack against the stored values rather impractical provided the salt is large enough. That is, an attacker would not be able to create a precomputed lookup table (i.e. a rainbow table) of hashed values (password + salt), because it would take too much space. A simple dictionary attack is still very possible, although much slower since it cannot be precomputed.[/quote] [quote]Salts also make dictionary attacks and brute-force attacks for cracking large number of passwords much slower (but not in the case of cracking just one password). Without salts, an attacker who is cracking many passwords at the same time only needs to hash each password guess once, and compare it to all the hashes. However, with salts, all the passwords will likely have different salts; so each guess must be hashed separately for each salt, which is much slower since hashing is usually very computationally expensive.[/quote]
[QUOTE=DSG;30715282]Wait... I used the checker thing and it said my username is in the database.... Does that mean I have to change my passwords to everything?[/QUOTE] No. You're fine. Yes of fucking course you change your shit.
[QUOTE=Ardosos;30715270]Please enlighten me, what does it mean to "salt" a password?[/QUOTE] I think to "salt" a password means to encrypt it. Because as stated, storing plaintext passwords is fucking retarded.
Wow i was pretty much never in any leak.
Whoa :ohdear:
[QUOTE=ROFLBURGER;30715292]No. You're fine. Yes of fucking course you change your shit.[/QUOTE] How the hell did somebody get a hold of my password on this account then? I barely sign up for anything, let alone some Battlefield game subscription or whatever. I don't even own any Battlefield game.
[QUOTE=DSG;30715282]Wait... I used the checker thing and it said my username is in the database.... Does that mean I have to change my passwords to everything?[/QUOTE] If you signed up for BF:H under the username you checked, and you use that password for anything else, CHANGE THE PASSWORDS, MAN!
[QUOTE=Soviet Russia;30715294]I think to "salt" a password means to encrypt it. Because as stated, storing plaintext passwords is fucking retarded.[/QUOTE] The BF:H leak was encrypted It was all MD5
[QUOTE=Wizzadar;30715314]If you signed up for BF:H under the username you checked, and you use that password for anything else, CHANGE THE PASSWORDS, MAN![/QUOTE] I've never signed up for the game, neither do I own any Battlefield game or have I signed up for anything related to the series or anything. What the fuck is this shit? :ohdear:
i am a dumb nigger [highlight](User was permabanned for this post ("Compromised" - postal))[/highlight]
[QUOTE=jordguitar;30715317]The BF:H leak was encrypted It was all MD5[/QUOTE] ah ok, I wasn't really sure what it meant.
[QUOTE=DSG;30715329]I've never signed up for the game, neither do I own any Battlefield game or have I signed up for anything related to the series or anything. What the fuck is this shit? :ohdear:[/QUOTE] It was only checking BF:H usernames, so you're in the clear if you didn't sign up for it. But I checked my e-mail and I'm still unsure... I changed everything, just to be sure.
[QUOTE=Wizzadar;30715339]It was only checking BF:H usernames, so you're in the clear if you didn't sign up for it.[/QUOTE] Yeah but my username is in the database on [url]http://facepun.ch/lulzsec.php?[/url] I really don't want to get my account permabanned. :saddowns: I didn't do anything wrong.
[QUOTE=jordguitar;30715193]You are using the wrong checker![/QUOTE] "Teto is in the database" lmao shit what does this mean anyway WHAT IS GOING TO HAPPEN ;;
[QUOTE=DSG;30715356]Yeah but my username is in the database on [url]http://facepun.ch/lulzsec.php?[/url] I really don't want to get my account permabanned. :saddowns: I didn't do anything wrong.[/QUOTE] just change your pass.
[QUOTE=robotman5;30715367]just change your pass.[/QUOTE] I did, but my name's still in the database.
[QUOTE=Soviet Russia;30715294]I think to "salt" a password means to encrypt it. Because as stated, storing plaintext passwords is fucking retarded.[/QUOTE] no, a salt is a string of text added to whatever you're MD5ing. Technically, there should be no way to DECODE a hash, which is what an MD5 function gives (it does NOT give an encoded password); there are flaws with MD5's, and it doesn't help when someone compiles a database of simple MD5's. Since you can't go back from MD5's, there normally is no need to encode the data; and, it'd be pointless. So whenever a customer uses your site and uses a simple password like 123456, you can make it more secure by adding "dGhpcyBpcyBhIHRlc3QgYmFzZTY0IGVuY29kZSBzYWx0Lg==" or something like that at the end. You won't find that in a database anywhere normally, so that's the purpose of salts.
Sorry, you need to Log In to post a reply to this thread.