thepureness Posted August 26, 2021 Share Posted August 26, 2021 I've been notified by my email provider that there was a data breach that effected one of my accounts and my password potentially leaked. When I visited my account manually (I do not click links on emails) it indicated that the data breach was on Britmodeller and it was my Britmodeller account that was potentially compromised. Do the admins know anything about this? Link to comment Share on other sites More sharing options...
Greg B Posted August 26, 2021 Share Posted August 26, 2021 Nope, no indication in your account details of multiple attempts or weird IP addresses. Only potential I can see is the use of an android device, with the flubot going around thats a bit of a concern. But nothing flagging here. Flagging your email on a check system shows its been breached - check here https://whatismyipaddress.com/breach-check Link to comment Share on other sites More sharing options...
thepureness Posted August 26, 2021 Author Share Posted August 26, 2021 Greg, did you just check my email address on Avast? I just got an email from them Link to comment Share on other sites More sharing options...
alt-92 Posted August 26, 2021 Share Posted August 26, 2021 I'm personally a big fan of https://haveibeenpwned.com/ - that service is also used by many providers by the way. Link to comment Share on other sites More sharing options...
Duncan B Posted August 26, 2021 Share Posted August 26, 2021 Norton also provide a similar service as part of their 360 package. Duncan B Link to comment Share on other sites More sharing options...
nheather Posted August 27, 2021 Share Posted August 27, 2021 Is this a report from a reputable source that the password you use for site XYZ is on a password leak list - I have seen this a few times. It doesn’t necessarily mean that site XYZ has been hacked or is the source of the leak - this can happen because you use the same password for multiple sites and it was site ABC that was the cause of the leak. Good sense is to use a different password for every site - sound sense but difficult to remember - I see relatives resort to a book of passwords that they keep by the side of their computer - doh! I was guilty of using the same password and I should know better given the business that I work in. I have now mostly swapped over to unique passwords that I can remember but I still have some of the old common passwords around and occasionally I get warnings. Another method is to use digital keychains, but I find those are not so flexible if you switch between many devices (home PC, phone, ipad, work PC, etc.). So I use an algorithm - this isn’t the one I use but to give you an idea - password is made up of Some rememberable but unrelated words like Custard, Llama, Bread, Diver, Chair - you get the idea, put some capitalisation in Some characters like @, #, £, &, +, avoid % and $ as they are used in database wildcarding so some developers won’t let you use in passwords because they can be used in script injection attacks Some numbers A few characters to identify the specific site, these are the only characters that make your password different to those of other sites, so for britmodeller you might choose BM or BRIT String them together in the same order for each password and you get something like BM#Frog283Custard@ You end up with a very strong password that is near impossible to hack, that is unique for each website and easy to remember. Cheers, Nigel 3 1 Link to comment Share on other sites More sharing options...
alt-92 Posted August 27, 2021 Share Posted August 27, 2021 .....or just use the password manager in your browser (or separate password manager app) and let that handle generating passwords. 2 Link to comment Share on other sites More sharing options...
spruecutter96 Posted August 27, 2021 Share Posted August 27, 2021 Passwords are a curse. Necessary, yes, but still a curse. Chris. Link to comment Share on other sites More sharing options...
Duncan B Posted August 27, 2021 Share Posted August 27, 2021 I used to be really bad for using the same or very similar passwords because I was lazy and stupid. I now use unique passwords for each and every log in I have (and change them every 6 months), it requires a tool to track them all but I feel much more secure now. The only time one of my passwords has turned up on a search of stolen data was actually an early attempt at a unique password but was not random enough, name of a ship plus a single digit, the data breach occurred on LinkedIn. Passwords, a PITA but a necessary evil. Duncan B 1 Link to comment Share on other sites More sharing options...
nheather Posted August 27, 2021 Share Posted August 27, 2021 11 hours ago, alt-92 said: .....or just use the password manager in your browser (or separate password manager app) and let that handle generating passwords. I mentioned those as an option. The problem is if you use multiple browsers and multiple devices. Cheers, Nigel 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now