
Site security question

Posted: Mon Jul 19, 2021 10:16 pm
by uwmcscott
I normally do not store passwords for any site for any reason ever, but I did try doing so for this site in iOS Safari to avoid the continuous need to re-authenticate.

Just now I got an internal system warning in my iOS/Safari settings (not a pop-up) that my password should be changed because of a “data leak” specific to this site's domain. It was not like a typical phishing message as it recommended I change my password directly via a browser manually.

Not sure if anyone else got anything similar, just thought I would pass it on. I can share a screenshot too if need be.

Re: Site security question

Posted: Mon Jul 19, 2021 10:20 pm
by uwmcscott
Screenshot from within iOS - is this just me? I did not take any action other than manually browsing to the site on a different device and changing my password out of caution.

Re: Site security question

Posted: Mon Jul 19, 2021 11:52 pm
by honyock
uwmcscott wrote: Screenshot from within iOS - is this just me? I did not take any action other than manually browsing to the site on a different device and changing my password out of caution.
I think it means your password is too simple/common, not that it is actually compromised like the HaveIbeenpwned site might tell you.

Re: Site security question

Posted: Tue Jul 20, 2021 7:53 am
by LightWingStudios
I've received NO REPORTS from our ISP that there has been a "data leak".

Re: Site security question

Posted: Tue Jul 20, 2021 8:50 am
by golem
@uwmcscott as a software dev who has some interest in security, I think they're saying your password matches one found in a data leak. I don't think that means it was necessarily a leak here. So someone could potentially add that password to a dictionary attack:

https://en.wikipedia.org/wiki/Dictionary_attack

I've had password apps mention that I was still using a password that was leaked in a data leak elsewhere and asked me to change it.

Re: Site security question

Posted: Tue Jul 20, 2021 9:08 am
by Razzle
I get those all the time. To me, I thought it was that the used password is also used elsewhere.

Re: Site security question

Posted: Tue Jul 20, 2021 10:21 am
by uwmcscott
golem wrote: Tue Jul 20, 2021 8:50 am @uwmcscott as a software dev who has some interest in security, I think they're saying your password matches one found in a data leak. I don't think that means it was necessarily a leak here. So someone could potentially add that password to a dictionary attack:

https://en.wikipedia.org/wiki/Dictionary_attack

I've had password apps mention that I was still using a password that was leaked in a data leak elsewhere and asked me to change it.
Thanks, good info to have. I work in IT as well albeit not directly in Info Security, but it is certainly an area of growing concern for everyone.

I generally never store passwords anywhere and I do use complex passwords, which this one was as well, but again I don't use the password storage app in iOS much either so it could be a general warning as others have mentioned.