warning about neoboards
#26
Posted 20 October 2010 - 08:13 AM
#27
Posted 20 October 2010 - 08:22 AM
my password is password12....
yes guys is was my poor excuse for a joke
#28
Posted 20 October 2010 - 08:33 AM
#29
Posted 20 October 2010 - 09:07 AM
I have a question, if you get cookie grabbed wouldn't they be able to access your personal PIN as well? Just a thought...
#30
Posted 20 October 2010 - 09:08 AM
Luckily I have a complex password so no idiot can try to guess what my password is. >_>
I have a question, if you get cookie grabbed wouldn't they be able to access your personal PIN as well? Just a thought...
That's not stored in your cookies, just on Neopets' servers.
#31
Posted 20 October 2010 - 09:36 AM
I used to have quite a problem with people trying to fuck with my account so I'm sure my account has been on these lists before.
#32
Posted 20 October 2010 - 09:47 AM
#33
Posted 20 October 2010 - 11:27 AM
#34
Posted 21 October 2010 - 10:16 PM
#35
Posted 22 October 2010 - 05:30 AM
A few people here know my account. It's not that impressive
That's what she said.
#36
Posted 22 October 2010 - 06:30 AM
About his account, or his Asian penis?That's what she said.
#37
Posted 22 October 2010 - 06:32 AM
JN and TDN are pretty safe IT's the people hacking them into hash lists that can't be trusted
Makes me wonder about the security of those sites if people can get into the database and get the hashed list of username and passwords.
#38
Posted 22 October 2010 - 07:07 AM
#39
Posted 22 October 2010 - 07:36 AM
Makes me wonder about the security of those sites if people can get into the database and get the hashed list of username and passwords.
I thinkthey are pretty secure. havent heard of someone losing their account thanks to those sites yet.
#40
Posted 22 October 2010 - 07:39 AM
I thinkthey are pretty secure. havent heard of someone losing their account thanks to those sites yet.
Actually I'd say people have lost hundreds, if not thousands, of accounts due to hash lists from those kind of sites...
#41
Posted 22 October 2010 - 07:48 AM
I thinkthey are pretty secure. havent heard of someone losing their account thanks to those sites yet.
I agree with laser. Someone told me that per every hash list of about 1000 names, about 100 would work. Sometimes more, sometimes less of course.
#42
Posted 22 October 2010 - 11:50 AM
#43
Posted 22 October 2010 - 11:58 AM
Why so? A randomly generated password of both lower and upper case letters as well as numbers should be secure enough, depending on its length and complexity.IMO Passwords should contain %&$# if they're allowed.
Really, no one is going to try and crack your account if they can just jump right into some idiots account with "justinbeiber" as their password or something.
#44
Posted 22 October 2010 - 12:03 PM
Why so? A randomly generated password of both lower and upper case letters as well as numbers should be secure enough, depending on its length and complexity.
Really, no one is going to try and crack your account if they can just jump right into some idiots account with "justinbeiber" as their password or something.
20+ character length and you should be fine.
#45
Posted 22 October 2010 - 12:08 PM
Sorry to be so ignorant but what's a hash list?Actually I'd say people have lost hundreds, if not thousands, of accounts due to hash lists from those kind of sites...
#46
Posted 22 October 2010 - 12:10 PM
Sorry to be so ignorant but what's a hash list?
It's basically like a encrypted version of the password if you will. Databases usually store the password in an encrypted forum using whatever keys they have setup in their configuration.
I'm not sure how long it would take to crack what the key is and decrypt the data but some people have a lot of time on their hands.
So let's say the database here stores my password as 7C4A8D09CA3762AF61E59520943DC26494F8941B or something arbitrary like that. Once you know the algorithm for decrypting it, they have my password.
Edited by Faval, 22 October 2010 - 12:13 PM.
#47
Posted 22 October 2010 - 12:13 PM
#48
Posted 22 October 2010 - 12:16 PM
In a nut shell hash lists are a list of data blocks in a file or a set. Its usually encrypted with SHA-1 encryption.
They're usually MD5.
#49
Posted 22 October 2010 - 12:40 PM
They're usually MD5.
Yeah since that seems to be the default for php settings. SHA1 is probably the default setting if you're using a .Net build.
#50
Posted 22 October 2010 - 01:10 PM
20+ character length and you should be fine.
Using 1 letter is probably the best. Most crackers just start at 4 letters and continue from there. .
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users