Passwords compromised?
- Thread starter flyboy08
- Start date
Please register or login
Welcome to ScubaBoard, the world's largest scuba diving community. Registration is not required to read the forums, but we encourage you to join. Joining has its benefits and enables you to participate in the discussions.
Benefits of registering include
- Ability to post and comment on topics and discussions.
- A Free photo gallery to share your dive photos with the world.
- You can make this box go away
The Chairman
Chairman of the Board
They might get lost in a tragic canoe accident.
Not again.
I can only have so many of those before the feds get suspicious....
Err I mean, I'm a really bad canoe owner it keeps tipping over and sinking for no reason... Sure glad I got insurance, yeah, yeah that's it...
Jack Hammer
Contributor
I got this one
The Chairman
Chairman of the Board
That didn't come from SB, but your own browser. Somewhere you used this same password on some other account that's been hacked. Your browser, which you've allowed to collect your passwords, sees the same password here and is asking you to change it. Please do.
JackOfDiamonds
Jewish Space Laser Operator
JackOfDiamonds
Jewish Space Laser Operator
I got something similar when my browser was telling me that its unsafe to advance to the link (sb) because someone might be trying to intercept my connection and steal information. i did not took a screenshot though
check the tires on your canoe next time you go tripping down river
, you may need pancake mix to seal the crack on the hull
ThatDogDontHunt
Oscar Meyer Weiner
Probably no need to panic. But you may need to reconsider how much information you are giving to Google?
The (temporary?) url change from www.scubaboard.com to web.scubaboard.com means that we had to login in again. The different url means different cookies and different "saved" passwords from your browser's point of view. This forces the login.
So it is like you are signing into a new site for the first time. Apple and Microsoft like to play big brother. They watch everything you let them watch. And they pretend to try to protect you. While at the same time that they collect as much information about you as possible...but I am not paranoid.
If you use Google Chrome while signed into your Google account, Google will attempt to collect anonymous information about the usernames and passwords you enter into the browser. Google keeps a database of anonymous breached username - password combinations. While signed into Google, if you use a breached username - password combo you will get a warning (as shown above).
This means that some site somewhere in the world was breached and the username - password combo that your are using to access scubaboard was exposed. The breach may have nothing to do with any of your accounts.
But since the username - password combo you use for scubaboard is "known"**, they claim it makes sense for you to either change your username or your password.
**But maybe not really...do not panic yet...
In a "real" computer system passwords are stored via a 1 way encryption system. Think of it as a highly accurate, highly repeatable wood chipper. You provide your username & password (tree limb) and the wood chipper generates a pattern of wood chips on the lawn. That lawn pattern is what is stored in the database. Each time you login the wood chipper generates a pattern on the lawn. If it matches your stored pattern then it is you and you get logged in.
There is no "reverse wood chipper". If someone steals the database, all they have is a bunch of usernames and wood chip patterns. They do not actually know the original password. They do not have a means to use the pattern to find out your password. Unless they do not use a very good woodchipper. Scubaboard uses XF XenForo software which uses a very excellent woodchipper.
Google is warning you that they have found a match to your woodchip pattern in some breached database.
The (temporary?) url change from www.scubaboard.com to web.scubaboard.com means that we had to login in again. The different url means different cookies and different "saved" passwords from your browser's point of view. This forces the login.
So it is like you are signing into a new site for the first time. Apple and Microsoft like to play big brother. They watch everything you let them watch. And they pretend to try to protect you. While at the same time that they collect as much information about you as possible...but I am not paranoid.
If you use Google Chrome while signed into your Google account, Google will attempt to collect anonymous information about the usernames and passwords you enter into the browser. Google keeps a database of anonymous breached username - password combinations. While signed into Google, if you use a breached username - password combo you will get a warning (as shown above).
This means that some site somewhere in the world was breached and the username - password combo that your are using to access scubaboard was exposed. The breach may have nothing to do with any of your accounts.
But since the username - password combo you use for scubaboard is "known"**, they claim it makes sense for you to either change your username or your password.
**But maybe not really...do not panic yet...
In a "real" computer system passwords are stored via a 1 way encryption system. Think of it as a highly accurate, highly repeatable wood chipper. You provide your username & password (tree limb) and the wood chipper generates a pattern of wood chips on the lawn. That lawn pattern is what is stored in the database. Each time you login the wood chipper generates a pattern on the lawn. If it matches your stored pattern then it is you and you get logged in.
There is no "reverse wood chipper". If someone steals the database, all they have is a bunch of usernames and wood chip patterns. They do not actually know the original password. They do not have a means to use the pattern to find out your password. Unless they do not use a very good woodchipper. Scubaboard uses XF XenForo software which uses a very excellent woodchipper.
Google is warning you that they have found a match to your woodchip pattern in some breached database.
Johnoly
Contributor
- Messages
- 4,015
- Reaction score
- 5,478
- # of dives
- 2500 - 4999
You did predict it and it happened. Like's reset back to Sunday's totals with today's update.
Now if you can just tell me when the next Bitcoin crash will happen so I can sell a day early.
Similar threads
