I normally do not store passwords for any site for any reason ever, but I did try doing so for this site in IOS Safari to avoid the continuous need to re-authenticate.
Just now I got an internal system warning in my IOS/safari settings ( not a pop up ) that my password should be changed because of a “data leak” specific to this sites domain. It was not like a typical phishing message as it recommended I change my password directly via a browser manually.
Not sure if anyone else got anything similar, just thought I would pass it on. I can share a screenshot too if need be.
Site security question
-
uwmcscott
- Reactions:
- Posts: 1451
- Joined: Wed May 27, 2020 1:45 pm
- Location: Northern Wisco
- Gearlist: A few LP's, a Strat, a Tele and a few acoustics.
Screenshot from within IOS - is this just me? I did not take any action other than manually browsing to the site on a different device and changing my password out of caution.
AGF Survivor Champ Emeritus (Ask TVVoodoo )
I think it means your password is too simple/common, not that it is actually compromised like the HaveIbeenpwned site might tell you.uwmcscott wrote:Screenshot from within IOS - is this just me? I did not take any action other than manually browsing to the site on a different device and changing my password out of caution.
Sent from my SM-G998U using Tapatalk
10 years, 2 months, and 8 days of blissful ignorance ruined by that snake in the grass Major Tom.
-
LightWingStudios
- Site Admin
- Reactions:
- Posts: 1003
- Joined: Wed May 27, 2020 11:34 am
- Location: Titusville, FL U.S. of A.
- Contact:
I've received NO REPORTS from our ISP that there has been a "data leak".
U.S. Manufacturer Of Musical Instrument Protection Accessories: AxeShield HD, AxeSak HD, AmpShield HD, KeyShield HD, PedalShield HD, MixShield HD, AxeGlove And AxeCap.
Visit Us At https://www.LightWingStudios.com
Email us at contact@LightWingStudios.com
Visit Us At https://www.LightWingStudios.com
Email us at contact@LightWingStudios.com
@uwmcscott as a software dev who has some interest in security, I think they're saying your password mathches one found in a data leak. I don't that means it was necessarily a leak here. So someone could potentially add that password to a dictionary attack:
https://en.wikipedia.org/wiki/Dictionary_attack
I've had password apps mention that I was still using a password that was leaked in a dataleak elsewhere and asked me to change it.
https://en.wikipedia.org/wiki/Dictionary_attack
I've had password apps mention that I was still using a password that was leaked in a dataleak elsewhere and asked me to change it.
-
Razzle
- Reactions:
- Posts: 218
- Joined: Wed May 27, 2020 4:41 pm
- Location: Huntsville, AL
- Gearlist: 2010 AL-2000 Goldtop Floyd
2013 AL-3200 Purple Quilt Floyd semi-custom
2017 AL-3100mcc Lemonburst Quilt Floyd - Contact:
I get those all the time. To me, I thought it was that the used password is also used elsewhere.
-
uwmcscott
- Reactions:
- Posts: 1451
- Joined: Wed May 27, 2020 1:45 pm
- Location: Northern Wisco
- Gearlist: A few LP's, a Strat, a Tele and a few acoustics.
Thanks, good info to have. I work in IT as well albeit not directly in Info Security, but it is certainly an area of growing concern for everyone.golem wrote: ↑Tue Jul 20, 2021 8:50 am @uwmcscott as a software dev who has some interest in security, I think they're saying your password mathches one found in a data leak. I don't that means it was necessarily a leak here. So someone could potentially add that password to a dictionary attack:
https://en.wikipedia.org/wiki/Dictionary_attack
I've had password apps mention that I was still using a password that was leaked in a dataleak elsewhere and asked me to change it.
I generally never store passwords anywhere and I do use complex passwords, which this one was as well, but again I don't use the password storage app in IOS much either so it could be a general warning as others have mentioned.
AGF Survivor Champ Emeritus (Ask TVVoodoo )