Millions of Gmail Hotmail and Yahoo email account details stolen says security expert

Status
Not open for further replies.

Lima

Member
Well....shit

If I use the same email + password combo for every single site and service I'm registered on, does that mean I should change all of them?

You shouldn't even be doing that in the first place. Sit down, educate yourself on password managers and set aside 1-2 hours to then change all of your passwords to a unique one for each site.

Baffling how many people still don't use them.
 
Also if you want to avoid being "hacked" Stop going to porn sites, use scriptsafe and advance, don't click any links in any emails, and stop downloading pirated material.

They get millions of people just from these stupid methods "click to meet hot people in your zipcode" "click to win an Apple phone" not people here, but there's millions of dumb people.
 
Also if you want to avoid being "hacked" Stop going to porn sites, use scriptsafe and advance, don't click any links in any emails, and stop downloading pirated material.

They get millions of people just from these stupid methods "click to meet hot people in your zipcode" "click to win an Apple phone" not people here, but there's millions of dumb people.

Does not compute
 

Iorv3th

Member
Have two step on and when I login on an unknown device it sends an e-mail to one of my other accounts.
 
Also if you want to avoid being "hacked" Stop going to porn sites, use scriptsafe and advance, don't click any links in any emails, and stop downloading pirated material.

They get millions of people just from these stupid methods "click to meet hot people in your zipcode" "click to win an Apple phone" not people here, but there's millions of dumb people.

You can go to porn sites, just do it in a sandbox or a VM at least.
 

Almighty

Member
I have two step, but changed my passwords just to be safe. Took all of about 30 seconds to have Lastpass generate a new, probably unnecessarily long, password and change it.
 

TheSeks

Blinded by the luminous glory that is David Bowie's physical manifestation.
Also if you want to avoid being "hacked" Stop going to porn sites, use scriptsafe and advance, don't click any links in any emails, and stop downloading pirated material.

None of which is relevant to this. E-mail themselves are breached. Not the user. The services were the ones hit. The bigger deal now is having various factors (2-factor, other like MS's "is this really you?") protecting you.
 

demon

I don't mean to alarm you but you have dogs on your face
I just make all my passwords "jesus123". It's what the hackers least expect. Enjoy your hacked accounts, suckers.
 

MMarston

Was getting caught part of your plan?
been two stepping for years
 

Kaizer

Banned
Changed my passwords & turned on two-step verification, can't believe I didn't have it turned on before.
 
Finally stopped being lazy and started using KeePass and setting up two-step authentication/verification for everything I can. Yahoo and Hotmail taken care of, now to finish off my army of Gmail accounts...

My future self can thank me later.

 

kswiston

Member
I am assuming the stolen gmail accounts are mostly the result of people having the same password as they had on some other website that suffered a security breach.
 

Kvik

Member
From time to time I got a reset password request for my Gmail account (which obviously wasn't from me). I chuckled a bit and went back about my business.

(and also for my steam account, probably after that astronomical sum of $1.22 in my steam wallet)
 
The password I used for Yahoo! is a password I use for nothing else, but I still changed it just in case, and added my Mobile phone for easy recovery access, and went ahead and added 2 step anyways to be safe.

I don't really know if I have to worry about Gmail... since it's an email I only use for... Gaming shit. Just to sign up for betas and stuff... Gonna change the password anyways... but don't think If I get "hacked" in that email... I'd lose anything.

EDIT: Screw it, not changing the password on my gmail since it's been the same for 3 years and I like it that way. :> Just turning on 2 step for it as well.
 

Rootbeer

Banned
Here we go again.

Time to change a few passwords. Again.

2016 and companies like microsoft and google still getting stuff taken from their servers? I accept that hack attempts are constant but even if someone got access, they should only be able to find encrypted account details I would hope, so what is going on.

They need to come forward and let us know what happened, in any case.


If you use LastPass, open your Vault and do the Security Challenge. It will look through all of the sites you have registered and tell you which ones have been compromised and are needing details changed. You should do this regularly.
 
You shouldn't even be doing that in the first place. Sit down, educate yourself on password managers and set aside 1-2 hours to then change all of your passwords to a unique one for each site.

Baffling how many people still don't use them.

Seems like password managers only work as a browser plug-in though? How about my phone?
 

magawolaz

Member
I should have 2-step verification for all three of them, but I may use one of the passwords on other sites... Damn, need to check.
 
Yeah, I was just about to ask the same thing.

Or what if I want to log in on, say, a computer at school, where I'm unable to install the plugin?

I mean, I have a lot of important accounts I need. I'm travelling in the US this fall and if something comes up I don't want to be in the situation where I don't know my password and don't have admin access to install some plugin on a public computer
 

styl3s

Member
Just created a lastpass account and did a bunch of complex passwords for my online banking, all gmails, comcast email, PSN/XBOX etc.

I would say this is getting annoying but honestly I never changed my passwords after one of the billion breaches we get a year, but I did do 2 step verification on everything that let me. I know that's something I should have done a long time ago.
 
2016 and companies like microsoft and google still getting stuff taken from their servers?
Eh, I think it's unlikely that Google's servers themselves were compromised. It's usually something like less-secured third party sites are broken into, and since millions of people still reuse passwords everywhere, the hackers use that stolen info to break into Gmail, etc.

Yeah, I was just about to ask the same thing.

Or what if I want to log in on, say, a computer at school, where I'm unable to install the plugin?
You can get password managers for your phone. Lastpass has a mobile app that you can sync with your desktop version for like $12 a year. You can also log in to the lastpass website and access your password vault without installing an extension.
 
Yeah, the breach for microsoft/yahoo/google isn't those companies themselves, but hackers breaking into other sites (PeopleWhoLikeJustinBieber.com for example), dumping their entire account database, and finding accounts that use the same password on the site as their email account.

Two step is definitely a must have, but also using different passwords for every site you have an account on is really a smart idea. Use a password manager like KeePass or 1Password to keep it nice and organized and worry free.
 
You can get password managers for your phone. Lastpass has a mobile app that you can sync with your desktop version for like $12 a year. You can also log in to the lastpass website and access your password vault without installing an extension.

LastPass mobile is fantastic. Been using it on my laptop, phone, and tablet for 2 years now.
 

Coreda

Member
Yeah, the breach for microsoft/yahoo/google isn't those companies themselves, but hackers breaking into other sites (PeopleWhoLikeJustinBieber.com for example), dumping their entire account database, and finding accounts that use the same password on the site as their email account.

Two step is definitely a must have, but also using different passwords for every site you have an account on is really a smart idea. Use a password manager like KeePass or 1Password to keep it nice and organized and worry free.

This is what I expect it's from. There are thousands of account passwords you can find from just pastebin searches alone. With a strong, unique password I'm not sure I need to be concerned tbh.
 

Kinokou

Member
WTF Microsoft? They will not let me activate two step sms codes since my phone number is already part of my security information??? Also the wording is so ambiguous I can't even tell if I already activated it or not from the security page.

EDIT: it would say turn off if I had it. I'm still baffled, is having two phone numbers some secret standard no one told me about?

Solved: Gave them an email as a backup so I could remove the phone number, making it possible to use it for two step verification. A bit cumbersome but I'm okay now I guess.
 