
ebay, WTF?

 
Old 14 May 2016, 09:52 AM
  #31  
pimmo2000
Scooby Regular
iTrader: (6)
 
 
Join Date: Sep 2004
Location: On a small Island near France
Posts: 14,660
Received 4 Likes on 4 Posts

Originally Posted by stiscooby
Things like this make me laugh....... working in IT - users/customers never want to change their passwords, keep the same password for everything and sometimes make them way too simple........... they are then the first to moan when their accounts get hacked.

Ebay notified you to do something. Don't worry so much about why this, why that, just do what they ask, your account is secure again and move on in life


Just don't suggest his actions are turd like .. he doesn't appear to like that
Old 14 May 2016, 10:17 AM
  #32  
CharlySkunkWeed
Scooby Regular
iTrader: (7)
 
 
Join Date: Jun 2010
Location: Bangor-Northern Ireland
Posts: 3,499
Received 70 Likes on 48 Posts

Had exactly the same with my Facebook on Thursday. I just changed my password slightly and signed back in.

Simple.

If it happens again I'll just change back to my old password.
Old 14 May 2016, 10:36 AM
  #33  
pimmo2000
Scooby Regular
iTrader: (6)
 
 
Join Date: Sep 2004
Location: On a small Island near France
Posts: 14,660
Received 4 Likes on 4 Posts

Originally Posted by CharlySkunkWeed
Had exactly the same with my Facebook on Thursday. I just changed my password slightly and signed back in.

Simple.

If it happens again I'll just change back to my old password.
Lots of people do that too .. it's crazy, why risk it? If someone has your password, chances are it's part of a big list and will likely be used for brute force on multiple sites. Changing it back puts you at risk. Add a number, a full-stop, add a capital, unless someone is targeting you specifically they'll just move on when it fails.
Old 14 May 2016, 11:17 AM
  #34  
CharlySkunkWeed
Scooby Regular
iTrader: (7)
 
 
Join Date: Jun 2010
Location: Bangor-Northern Ireland
Posts: 3,499
Received 70 Likes on 48 Posts

Originally Posted by pimmo2000
Lots of people do that too .. it's crazy, why risk it? If someone has your password, chances are it's part of a big list and will likely be used for brute force on multiple sites. Changing it back puts you at risk. Add a number, a full-stop, add a capital, unless someone is targeting you specifically they'll just move on when it fails.
Fair point. That's what I did this time, added initials to it.
Old 14 May 2016, 06:53 PM
  #35  
pimmo2000
Scooby Regular
iTrader: (6)
 
 
Join Date: Sep 2004
Location: On a small Island near France
Posts: 14,660
Received 4 Likes on 4 Posts

Originally Posted by CharlySkunkWeed
Fair point. That's what I did this time, added initials to it.
We spotted a security breach for a third party website in work and tested the publicly disabled usernames and passwords against our customers; those that matched we reset to a randomly generated secure password and sent them letters saying they can follow the password reset route or call up and confirm security. The number of them that were unhappy or tried to set it back to the same password was unreal.

I'd be over the moon if a company was that proactive with my details.
Old 14 May 2016, 07:29 PM
  #36  
hodgy0_2
Scooby Regular
 
 
Join Date: Jul 2008
Location: K
Posts: 15,633
Received 21 Likes on 18 Posts

Originally Posted by pimmo2000
and tested the publicly disabled usernames and passwords against our customers,
Do you mean you ran a script against user accounts using well-known passwords like

Password123
P@ssword
letmein
12345678


etc etc
Old 14 May 2016, 09:42 PM
  #37  
pimmo2000
Scooby Regular
iTrader: (6)
 
 
Join Date: Sep 2004
Location: On a small Island near France
Posts: 14,660
Received 4 Likes on 4 Posts

Originally Posted by hodgy0_2
Do you mean you ran a script against user accounts using well-known passwords like

Password123
P@ssword
letmein
12345678


etc etc

No, there is a paid subscription for IT security professionals that gives you details on recently posted hacks, etc. If you follow the bread crumb you can normally find the lists online.

So we ran the usernames and passwords on said list (from a forum I think) against our LDAPs, those that authenticated were changed and the customers informed. Of course we didn't have the passwords to tell them the new ones, so they had to perform an action to recover accounts.

Difficult to share the reasoning as we don't want to highlight any potential hacker wannabes to this kind of data.
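
Added example, not part of the original thread and not the poster's own code: the exposed-credential check described in the post above, run by a service against its own accounts. The post authenticated against LDAP; this sketch instead assumes an in-memory account store with salted PBKDF2 hashes, and all names and sample data are constructed.

```python
import hashlib
import hmac
import os
import secrets

ITERATIONS = 100_000  # assumption: PBKDF2-HMAC-SHA256 stands in for the real directory's scheme


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_account(password: str) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt), "must_reset": False}


def find_exposed(accounts: dict, leaked_pairs) -> list:
    """Usernames whose *current* password is the one on the third-party list."""
    exposed = []
    for username, leaked_password in leaked_pairs:
        name = username.lower()
        acct = accounts.get(name)
        if acct is None:
            continue  # leaked user is not one of our customers
        candidate = hash_password(leaked_password, acct["salt"])
        if hmac.compare_digest(candidate, acct["hash"]) and name not in exposed:
            exposed.append(name)
    return exposed


def force_reset(accounts: dict, usernames) -> None:
    """Replace the password with a random value nobody is told; the customer
    then has to go through the normal recovery route."""
    for name in usernames:
        acct = make_account(secrets.token_urlsafe(24))
        acct["must_reset"] = True
        accounts[name] = acct


# Constructed sample data: our accounts and a leaked list from another site.
ACCOUNTS = {"alice": make_account("Summer2016!"),
            "bob": make_account("correct horse battery")}
LEAKED = [("Alice", "Summer2016!"), ("bob", "wrongguess"), ("mallory", "letmein")]

if __name__ == "__main__":
    hits = find_exposed(ACCOUNTS, LEAKED)
    force_reset(ACCOUNTS, hits)
    print("reset and notified:", hits)
```

Only accounts whose leaked password still works are touched, so customers who never reused that password see nothing.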