• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

773 Million Credentials Leaked

Joined
Jan 8, 2017
Messages
3,863 (5.01/day)
Likes
2,983
System Name Good enough
Processor AMD Ryzen R7 1700X - 4.0 Ghz / 1.350V
Motherboard ASRock B450M Pro4
Cooling Scythe Katana 4 - 3x 120mm case fans
Memory 16GB - Corsair Vengeance LPX
Video Card(s) OEM Dell GTX 1080
Storage 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) 4K Samsung TV
Case Zalman R1
Power Supply 500W
#26
This is no BS site. The fact so many of you havent heard of it, to me is honestly stunning, more so than your thoughts of its legitimacy or purpose.
Site is legit, go it. Point is, every time something asks to write down your password it's good to instinctively not do it. I find it stunning that this isn't the first thought people get. It's absurd to suggest that we should read the source code and all that.
 

Solaris17

Dainty Moderator
Staff member
Joined
Aug 16, 2005
Messages
20,175 (4.09/day)
Likes
7,476
Location
Florida
System Name Venslar
Processor I9 7980XE
Motherboard MSI x299 Tomahawk Arctic
Cooling EK Custom
Memory 32GB Corsair DDR4 3000mhz
Video Card(s) Nvidia Titan RTX
Storage 2x 2TB Micron SSDs | 1x ADATA 128SSD | 1x Drevo 256SSD | 1x 1TB 850 EVO | 1x 250GB 960 EVO
Display(s) 3x AOC Q2577PWQ (2k IPS)
Case Inwin 303 White (Thermaltake Ring 120mm Purple accent)
Audio Device(s) Realtek ALC 1220 on Audio-Technica ATH-AG1
Power Supply Seasonic 1050W Snow
Mouse Roccat Tyon White
Keyboard Ducky Shine 6 Snow White
Software Windows 10 x64 Pro
#27
Pretty sure that site is bollocks. No matter what random string you write, it will either say its safe or not, but never that it doesn't exist.
This site is not "bollocks" nor is it "some random site".

woops didnt see page 2 beating a dead horse.
 
Joined
Sep 17, 2014
Messages
7,739 (4.79/day)
Likes
6,689
Location
Duiven, Netherlands
Processor i7 8700k 4.8Ghz @ 1.31v
Motherboard AsRock Fatal1ty K6 Z370
Cooling beQuiet! Dark Rock Pro 3
Memory 16GB Corsair Vengeance LPX 3200/C16
Video Card(s) MSI GTX 1080 Gaming X @ 2100/5500
Storage Samsung 850 EVO 1TB + Samsung 830 256GB + Crucial BX100 250GB + Toshiba 1TB HDD
Display(s) Eizo Foris FG2421
Case Fractal Design Define C TG
Power Supply EVGA G2 750w
Mouse Logitech G502 Protheus Spectrum
Keyboard Sharkoon MK80 (Brown)
Software W10 x64
#28
Site is legit, go it. Point is, every time something asks to write down your password it's good to instinctively not do it. I find it stunning that this isn't the first thought people get. It's absurd to suggest that we should read the source code and all that.
Yeah well. There are lots of services that save passwords in plaintext, whatcha gonna do about that? If your securing is through obscurity you are living an illusion.

The site still cannot associate your passwords to anything but an email address and any service TODAY that does not offer 2FA should be on your shitlist anyway.

What you SHOULD use the password check for is to see whether its a strong password or not. Security means making any breach a 'too much effort' affair, so strong passwords are a nice first line of defense, nothing more and nothing less. They secure you against the most basic level of attacks. After that its up to 2FA.
 
Joined
Jan 8, 2017
Messages
3,863 (5.01/day)
Likes
2,983
System Name Good enough
Processor AMD Ryzen R7 1700X - 4.0 Ghz / 1.350V
Motherboard ASRock B450M Pro4
Cooling Scythe Katana 4 - 3x 120mm case fans
Memory 16GB - Corsair Vengeance LPX
Video Card(s) OEM Dell GTX 1080
Storage 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) 4K Samsung TV
Case Zalman R1
Power Supply 500W
#29
There are lots of services that save passwords in plaintext
As I said previously, if you can, don't take unnecessary risks. Even if your password is stored somewhere in a notepad, you didn't have control over that.
 
Joined
Sep 17, 2014
Messages
7,739 (4.79/day)
Likes
6,689
Location
Duiven, Netherlands
Processor i7 8700k 4.8Ghz @ 1.31v
Motherboard AsRock Fatal1ty K6 Z370
Cooling beQuiet! Dark Rock Pro 3
Memory 16GB Corsair Vengeance LPX 3200/C16
Video Card(s) MSI GTX 1080 Gaming X @ 2100/5500
Storage Samsung 850 EVO 1TB + Samsung 830 256GB + Crucial BX100 250GB + Toshiba 1TB HDD
Display(s) Eizo Foris FG2421
Case Fractal Design Define C TG
Power Supply EVGA G2 750w
Mouse Logitech G502 Protheus Spectrum
Keyboard Sharkoon MK80 (Brown)
Software W10 x64
#30
As I said previously, if you can, don't take unnecessary risks. Even if your password is stored somewhere in a notepad, you didn't have control over that.
So don't take unnecessary risks, and before you change your password on a service, check whether its a safe one that is frequently used in breaches. Or try five of them... I mean, its not hard to get your obscurity back.

You guys act like there are sweat shops full of sweaty nerds sitting there manually typing in passwords. This stuff happens by the large numbers, not individual accounts. And the top passwords tried are those most frequently used - not the ones people may or may not use for their email address on a trusted website.

Seriously, its like I went back in time 10 years over here in this topic. Some of you really haven't got the slightest clue how security and hacks have changed over the past decade. Its all about big data. Even this very topic is entirely about a massive data leak. Not individual accounts, but a massive scoop up of millions of them. Its the numbers that determine the success rate, even if you hack 1% you're sitting on a goldmine.
 
Last edited:
Joined
Jan 8, 2017
Messages
3,863 (5.01/day)
Likes
2,983
System Name Good enough
Processor AMD Ryzen R7 1700X - 4.0 Ghz / 1.350V
Motherboard ASRock B450M Pro4
Cooling Scythe Katana 4 - 3x 120mm case fans
Memory 16GB - Corsair Vengeance LPX
Video Card(s) OEM Dell GTX 1080
Storage 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) 4K Samsung TV
Case Zalman R1
Power Supply 500W
#31
check whether its a safe one that is frequently used in breaches.
Sorry but that's an absolutely terrible advice. Rather than checking somewhere if your password was used or not in a breach, do yourself a favor and use a new one.
 
Joined
Sep 17, 2014
Messages
7,739 (4.79/day)
Likes
6,689
Location
Duiven, Netherlands
Processor i7 8700k 4.8Ghz @ 1.31v
Motherboard AsRock Fatal1ty K6 Z370
Cooling beQuiet! Dark Rock Pro 3
Memory 16GB Corsair Vengeance LPX 3200/C16
Video Card(s) MSI GTX 1080 Gaming X @ 2100/5500
Storage Samsung 850 EVO 1TB + Samsung 830 256GB + Crucial BX100 250GB + Toshiba 1TB HDD
Display(s) Eizo Foris FG2421
Case Fractal Design Define C TG
Power Supply EVGA G2 750w
Mouse Logitech G502 Protheus Spectrum
Keyboard Sharkoon MK80 (Brown)
Software W10 x64
#32
Sorry but that's an absolutely terrible advice. Rather than checking somewhere if your password was used or not, do yourself a favor and use a new one.
Mate, there are no safe passwords. Just varying degrees of how quickly they are breached. So if you find one that hasn't been breached yet in known hacks, you've got the highest assurance you can have that its safe. That is why companies deploy 2FA.

Like I edited in previous post, you have a security mindset of ten years ago.
 
Joined
Jan 8, 2017
Messages
3,863 (5.01/day)
Likes
2,983
System Name Good enough
Processor AMD Ryzen R7 1700X - 4.0 Ghz / 1.350V
Motherboard ASRock B450M Pro4
Cooling Scythe Katana 4 - 3x 120mm case fans
Memory 16GB - Corsair Vengeance LPX
Video Card(s) OEM Dell GTX 1080
Storage 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) 4K Samsung TV
Case Zalman R1
Power Supply 500W
#33
You could have checked your password a million times, that wont decrease the chances it will find it's way into the next breach one bit.
 
Joined
Sep 17, 2014
Messages
7,739 (4.79/day)
Likes
6,689
Location
Duiven, Netherlands
Processor i7 8700k 4.8Ghz @ 1.31v
Motherboard AsRock Fatal1ty K6 Z370
Cooling beQuiet! Dark Rock Pro 3
Memory 16GB Corsair Vengeance LPX 3200/C16
Video Card(s) MSI GTX 1080 Gaming X @ 2100/5500
Storage Samsung 850 EVO 1TB + Samsung 830 256GB + Crucial BX100 250GB + Toshiba 1TB HDD
Display(s) Eizo Foris FG2421
Case Fractal Design Define C TG
Power Supply EVGA G2 750w
Mouse Logitech G502 Protheus Spectrum
Keyboard Sharkoon MK80 (Brown)
Software W10 x64
#34
You could have checked your password a million times, that wont decrease the chances it will find it's way into the next breach one bit.
Depends on what breach you speak of. If its one of data mined or hacked credentials then no. But if its about working with known frequently used ones, then for sure the checker is decreasing your chances. But most of all its for entertainment purposes. Was your 'original' password really that original? Pretty interesting for that.

It also doesn't defeat the point I was making. Passwords are not a guarantee of security ever, anywhere.
 
Joined
Jan 8, 2017
Messages
3,863 (5.01/day)
Likes
2,983
System Name Good enough
Processor AMD Ryzen R7 1700X - 4.0 Ghz / 1.350V
Motherboard ASRock B450M Pro4
Cooling Scythe Katana 4 - 3x 120mm case fans
Memory 16GB - Corsair Vengeance LPX
Video Card(s) OEM Dell GTX 1080
Storage 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) 4K Samsung TV
Case Zalman R1
Power Supply 500W
#35
But if its about working with known frequently used ones, then for sure the checker is decreasing your chances.
If you've gotten to the point where you need to check that, you've already got a problem. If anything by insisting to use the same passwords, even if they are safe up until now, you're just increasing the number of places from which breaches can occur.

This is a solution to an already ill-posed problem. Breaches are out of your control, best you can do is use new passwords and multi-factor authentications as you said.
 
Joined
Sep 17, 2014
Messages
7,739 (4.79/day)
Likes
6,689
Location
Duiven, Netherlands
Processor i7 8700k 4.8Ghz @ 1.31v
Motherboard AsRock Fatal1ty K6 Z370
Cooling beQuiet! Dark Rock Pro 3
Memory 16GB Corsair Vengeance LPX 3200/C16
Video Card(s) MSI GTX 1080 Gaming X @ 2100/5500
Storage Samsung 850 EVO 1TB + Samsung 830 256GB + Crucial BX100 250GB + Toshiba 1TB HDD
Display(s) Eizo Foris FG2421
Case Fractal Design Define C TG
Power Supply EVGA G2 750w
Mouse Logitech G502 Protheus Spectrum
Keyboard Sharkoon MK80 (Brown)
Software W10 x64
#36
If you've gotten to the point where you need to check that, you've already got a problem.
In my personal case, I never knew my stuff was compromised until I put in my email address on the website. Then I found the news articles about Evony and DDO breaches in which my data was contained.

The main goal here I think is awareness.
 

95Viper

Moderator
Staff member
Joined
Oct 12, 2008
Messages
6,621 (1.75/day)
Likes
3,333
Location
Southeast Mid Atlantic
System Name Ha/AhHa/Dell
Processor QX9650 SLAWN C1/i7-980x/i7-6700K
Motherboard GA-X48_DS4 (F3B bios)/Gigabyte x58A-UDR3 v 2.0(modded FH bios)/Dell Foxconn 0XJ8C4 Z170
Cooling CNPS9900 LED/H60/ 3 pipe-center fan-air
Memory 8 Gig of G.Skill F2-8800CL5D/24 Gb Corsair Vengence/ 24Gb Samsung DDR4 2133
Video Card(s) Galaxy NVIDIA GeForce GTX 960/PowerColor R9 280/ASUS R9 380X Strix G1
Storage All have SSDs with HDDs for extra storage and backup/Dell-M.2 Samsung 850 EVO PCIe
Display(s) Viewsonic 1080p/HP ZR24W/Auria EQ278C
Case CM-690/CM-690 II adv/Dell 8900 series
Audio Device(s) All use on board (Realtek) w/2.1 speakers
Power Supply PC P&C 750/PC P&C Silencer 950/CM 700 Extreme
Mouse Logitech
Keyboard Logitech
Software Windows 10 Pro - 64 bit/Windows 10 Pro - 64bit/Windows 10 Pro - 64bit
#37
Take the effort to click on a few tabs on that site and you get indepth API info, code to use and implement, etc. Ive seen my share of scammy sites but this is not how those tend to look. Spotless English clearly written by a native speaker, and accurate results one can recognize without exceptions. The API works.

This is no BS site. The fact so many of you havent heard of it, to me is honestly stunning, more so than your thoughts of its legitimacy or purpose.

Due diligence pls? Click around a bit and see for yourself ...

Oh its half a decade, I see...
https://en.m.wikipedia.org/wiki/Have_I_Been_Pwned?
I already did my due diligence. This was before I formed my own opinion. I had, already, read up on Troy Hunt and, the company he joined with (He actually purchased the 1password subscription service); and, I still have my same conclusion and opinion of it.

I have not stated anything as fact, just my personal opinion.
And, you are free to have/express your opinion on the topic, too.
 
Joined
Dec 11, 2018
Messages
5 (0.07/day)
Likes
2
Location
New York
System Name Windows 10
Processor Intel core7
Memory 8 GB
Storage 512 GB SSD
#38
A huge database of logins/passwords was leaked to MEGA a few days ago. Stolen from multiple hacked sources.

Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows. It's made up of many different individual data breaches from literally thousands of different sources.

Source

How to check if yours is among them: https://haveibeenpwned.com
Looks like my passwords are ok :)
 
Joined
Nov 22, 2018
Messages
27 (0.30/day)
Likes
27
System Name Nilin
Processor Ryzen 5 2600
Motherboard Msi X470 Gaming Plus
Cooling Cooler Master 240 Lite
Memory G. Skill Flare X 2x8gb 3200 Mhz CL14 (for Ryzen)
Video Card(s) Msi Geforce GTX 1080 TI Founders Edition
Storage Samsung Evo 960 250gb M.2 (System), Samsung Evo 860 500gb (Games), WD 1Tb HDD (Garbage)
Display(s) LG 27" 4k IPS, LG24" FHD IPS
Case Cooler Master CM690 III
Power Supply Cooler Master 750W Gold
#39
Top