Create Account

Username
Password
Remember me
Forgot Teoti password?
Email
 

Awaiting activity

Advanced
Type:
Username:
Category:
Hot
Hot Random Sticky Scores Profiles
2 Days
2 Days 1 Week 1 Month All Time
This Month All Time

Visit the TeotiShop!

Digg Facebook StumbleUpon Twitter Google Buzz Favourites Email
11
bradpitt
bradpitt

Was Your Email Account Hacked? PwnedList Can Tell You.

10 comments, 282 views, posted 8:04 pm 06/02/2012 in Geek by bradpitt
bradpitt has 1313 posts, 793 threads, 3116 points, location: Church of the Flying Spaghetti Monster

Concerned about your private data in the wake of a big hack? The PwnedList website helps you find out if your online accounts were leaked during a data breach.

You might have noticed that there have been an increasing number of attacks on company servers and databases in recent times. Some groups hack for the fun of it all, although I don’t really see where the fun in causing such damage is, though. However, others hackers have more malicious and dangerous intentions.

In the case that you happen to have an account with a company that had been hacked, then fret not, because you can use PwnedList to check if your information has been compromised.

The online tool was developed by Alan Puzic, who is a professional security intelligence researcher who’s into “white-hat” hacking (or the good kind, if there really is one). In an interview, Puzic said: “Our goal was to design a simple-to-use online portal where an average user could check to see if his or her account credentials were leaked.”

You can check if your accounts are safe simply by typing in your username or e-mail address and hitting “Check.” If you find you’ve been compromised, now would be a good time to go change all of your passwords that use that email address. And if you’re worried about PwnedList itself, don’t, because they won’t store any of the information that you enter or any hits on searches you’ve made for your accounts on its database.

Related Link

Extra Points Given by:

griffin (5), bytehead (5)

Comments

1
8:14 pm 06/02/2012

Flee

amihacked@gmail.com = NOPE!

1
9:15 pm 06/02/2012

bytehead

According to them, my bytehead@bytehead.org is/was almost a year ago. That was when my Twitter account spammed people, but not my email to my knowledge. Which is why I'd like to have a little more info about how it was compromised.

0
9:45 pm 06/02/2012

bradpitt

by the look of it they had a go at defacing all the bytehead domains. If you'd like a tut I can pm you...?

1
12:20 pm 07/02/2012

djskitzy

I call bollocks, because my email was hacked about two years ago, several of you guys told me I'd been spamming your emails, I changed my password and the spamming stopped.....

yet my addy is not on their list......

0
6:28 pm 07/02/2012

bytehead

Quote by bradpitt:
by the look of it they had a go at defacing all the bytehead domains. If you'd like a tut I can pm you...?

I only own bytehead.org and byteheadconsulting.com, and those have never been defaced.  Somebody hacked bytehead.org once, and was using it as a spam repository, and it wasn't my fault, it was the sysadmin's fault, leaving AWS available like he did, he just managed to do it via my domain, that's all.

bytehead.net is used for who knows what, and bytehead.com is in Millwaukee.

My gmail account had somebody logging in from eastern Europe (mobile?) trying to spam all my contacts, which, since the total number was more than Google allowed, didn't get delivered.  And of course, that address isn't on their lists either.

I've been thinking about coming up with my own way of creating passwords that I can just generate based on domain name, repeatable so that I can just type the domain into a program and generate the password, making it at least 13 characters (no more hash codes) with upper, lower, special and numeric charaters.

I'm thinking about a base64 encoded master password, someway to make sure that the input is long enough to generate a 13 (whatever I set it to) long password for the domain, and do some kind of operation on that.

Nothing real fantastic, I just have to remember the master password.

Right now, almost all sites have their own password, remembered by Firefox.  Some still have my old password, which was sufficient back long ago, hackers went after the easy stuff, passwords 8 characters or less.  Now, that password is fairly easy to check.  Those accounts I haven't really accessed in a very long time.

1
7:00 pm 07/02/2012

bradpitt

Quote:
I've been thinking about coming up with my own way of creating passwords

thats the key imo, more salt.

1
10:49 pm 07/02/2012

bytehead

Yeah, that whole server was compromized back then.  And both of those domains are on the same server..

Thanks.

1
12:56 am 08/02/2012

Flee

You need to do a double fake and set your password to 12345678. It's so simple they will never think of it!

2
12:57 am 08/02/2012

Flee

I've always wanted to include the backspace into passwords. Think of the complexity when you can erase characters!

1
1:29 am 08/02/2012

bradpitt

Quote by Flee:
You need to do a double fake and set your password to 12345678. It's so simple they will never think of it!



Add Comment

Log in via teoti, or register to add a comment!


Teh NookMayrHayasdanJaranWebAngryShirtsGoneGeekEat Liver