Login details hacked.

Page 1 of 4 123 ... LastLast
  1. Kol12's Avatar
    Posts : 1,916
    Windows 10 64 bit, 1809
       #1

    Login details hacked.


    Recently Creative's Soundblaster forums were pulled down after a data breach which included Email addresses, Forum user names, IP addresses and Encrypted passwords.

    What would be the course of action in terms of securing myself from any further attack?
      My ComputerSystem Spec

  2. Barman58's Avatar
    Posts : 3,028
    Windows 10 Pro x64 1903 - 18362.53 XP/Vista/Win7/Win8.1 in VM for testing
       #2

    Change all your login passwords everywhere, and if possible ( your convenience ) change your email address, and "speak" to your ISP about changing your External IP. [this would normally change on a regular basis anyway, but is best to prompt the ISP ]

    Consider one of the available secure password managers for future use these can create fully random secure long complex passwords for all your sites but allow you to use them normally.
    Also in future opt-in to any two tier security available to secure login.

    If you have any mission critical data think about your backup policy to secure this and also consider data encryptions, [ I would not expect this to apply to a normal home user ]
      My ComputersSystem Spec

  3. Kol12's Avatar
    Posts : 1,916
    Windows 10 64 bit, 1809
    Thread Starter
       #3

    @barman

    I use Lastpass for all of my password/logins with long complex passwords. Would you still recommend changing each sites password? What about usernames? Changing my email address would be major, what about all of the subscriptions and people that only contact me with that email address?

    Edit: I think the rest of my system defense is ok.. I run WD, standard user account, DEP enabled for all apps and have a lot of data locations shut off with Controlled Folder Access..
      My ComputerSystem Spec

  4. Barman58's Avatar
    Posts : 3,028
    Windows 10 Pro x64 1903 - 18362.53 XP/Vista/Win7/Win8.1 in VM for testing
       #4

    Does lastpass have a auto change facility built in part of the creation system for passwords are they changed automatically on a timer?, this sort of thing is very likely "overkill" for a personal system so can be ignored . but is a good security feature in office environments where email passwords do get passed around

    The convenience factor for the email has to be a major factor in your decision and should not be a major issue retaining the address, as long as the password is changed.

    A system I have implemented for clients moving from one email to another, (company rebranding, buyouts Etc), is to retain the old email but only use this for receiving mail, a New address is used for all outgoing mail, stating that the email has changed, (add to signature), so after a while the old address falls out of use, Most email systems will allow you to check mail from more than one address and even flag those coming via the old address for your attention, (you can then recreate subsctriptions you may have, or not as you see them ).
      My ComputersSystem Spec

  5. f14tomcat's Avatar
    Posts : 42,462
    Triple boot - Win 10 Pro, Win 10 Pro Insider (2) - (and a sprinkling of VMs)
       #5

    No auto-changer for PWs I am aware of. This is a sample LastPass PW generator screen. Nothing here, or on main Edit Site screen.

    Click image for larger version. 

Name:	2018-08-20_06h22_45.png 
Views:	1 
Size:	54.6 KB 
ID:	200109
      My ComputersSystem Spec

  6. Kol12's Avatar
    Posts : 1,916
    Windows 10 64 bit, 1809
    Thread Starter
       #6

    Lastpass does have a password changer but I've never understood how they work. The password would still have to be changed manually through the particular websites settings anyway?
      My ComputerSystem Spec


  7. f14tomcat's Avatar
    Posts : 42,462
    Triple boot - Win 10 Pro, Win 10 Pro Insider (2) - (and a sprinkling of VMs)
       #7

    Kol12 said: View Post
    Lastpass does have a password changer but I've never understood how they work. The password would still have to be changed manually through the particular websites settings anyway?
    That's true. Setup correctly, if you change a PW in a site, LP will ask "Save Password change?". You can accept, or Not Now.
      My ComputersSystem Spec

  8. Kol12's Avatar
    Posts : 1,916
    Windows 10 64 bit, 1809
    Thread Starter
       #8

    f14tomcat said: View Post
    That's true. Setup correctly, if you change a PW in a site, LP will ask "Save Password change?". You can accept, or Not Now.
    Yes Lastpass does update my changed passwords. I was referring more to an auto change feature. There is an option in Lastpass to "auto change password" but I haven't tried it out. It also appears to only be available for my google account.

    Click image for larger version. 

Name:	Lastpass.png 
Views:	1 
Size:	54.9 KB 
ID:	200114
      My ComputerSystem Spec

  9. f14tomcat's Avatar
    Posts : 42,462
    Triple boot - Win 10 Pro, Win 10 Pro Insider (2) - (and a sprinkling of VMs)
       #9

    Found this. The Auto-Change is a Beta feature and limited in scope. The article explains in detail, with a list of sites supported.

    Generating Secure Passwords | User Manual
      My ComputersSystem Spec

  10.    #10

    Kol12 said: View Post
    Recently Creative's Soundblaster forums were pulled down after a data breach which included Email addresses, Forum user names, IP addresses and Encrypted passwords.

    What would be the course of action in terms of securing myself from any further attack?
    Hi.
    If Soundblaster forum is the only hack, then (obviously) changing the password on that one, and any other place where you may have used the same password would be the first steps. Then, I would check on this site to see if your email address(es) have been pwned:
    Have I Been Pwned: Check if your email has been compromised in a data breach

    If so, change passwords accordingly. And, check this site on a regular basis. Sites/databases get hacked, and then show up months (or ever years) later.
    If LastPass is signed in while you are making password changes at the various sites, it will ask you if you want to make updates - select yes.

    Changing your public IP address can be done by turning off your modem for up to 10 minutes, to grab a new, dynamic address from your ISP. If you pay for a static IP, well, that's another matter.

    2FA is always preferable where available.
      My ComputerSystem Spec


 
Page 1 of 4 123 ... LastLast

Related Threads
Hello, In Windows 10 using the File Explorer, When I copy/create a new .MP3 file onto my computer it is displaying the .MP3 info. and not general file info. in the File Explorer. Example: It displays "Name, #, Title, Artist, Album" etc....
How to Customize Preview Details in Details Pane of File Explorer in Windows The details pane shows you see the most common properties associated with the selected file. File properties provide more detailed info about a file, such as the...
What use is saving login details? in Browsers and Email
For years I have clicked to 'save login details' or 'remember password' in numerous websites, including this one. What use is this? I expected it to help with logging in, especially as I am often not able to remember the details. But no, I have...
Out of forty or so sites I have set up in Edge, one is proving troublesome. The site in question is Sony UK Community Forum: https://community.sony.co.uk/t5/english-community/ct-p/en I have posted about the issue on that site. I had zero...
OK so a user named Lorenco was logged into my machine today when I went to login. This user account should not exist and was connected remotely I believe I captured all the event logs, what do I need to verify this was a hack or a legit login?...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 02:39.
Find Us